diff --git a/.cargo/audit.toml b/.cargo/audit.toml index e183aab..9b47028 100644 --- a/.cargo/audit.toml +++ b/.cargo/audit.toml @@ -7,4 +7,17 @@ ignore = [ # not a realistic attack surface here. Revisit when mongodb bumps hickory. "RUSTSEC-2026-0118", # NSEC3 loop, no fix available upstream "RUSTSEC-2026-0119", # O(n²) name compression, fixed in hickory-proto >=0.26.1 + + # rmcp 0.16.0 — DNS rebinding in Streamable HTTP server transport (missing + # Host header validation). Patched in rmcp >= 1.4.0, which is a major API + # version jump from our pin; rmcp shipped 0.x → 1.x → 2.x in three months + # and the migration touches every tool handler + the auth middleware we + # just landed in #92. Threat model in our deployment: the MCP server is + # exposed at a public hostname (comp-mcp-dev.meghsakha.com) behind orca's + # TLS-terminating ingress with per-tenant bearer auth — the attack model + # (browser DNS-rebinding into localhost MCP server) doesn't directly apply. + # Defense-in-depth Host-header check is still a worthwhile follow-up. + # FOLLOW-UP: bump rmcp to 2.x in a dedicated PR (M7.3 follow-up, sized + # multi-hour due to API surface change). + "RUSTSEC-2026-0189", ] diff --git a/Cargo.lock b/Cargo.lock index d892731..fe8a944 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4282,9 +4282,9 @@ dependencies = [ [[package]] name = "quinn-proto" -version = "0.11.14" +version = "0.11.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "434b42fec591c96ef50e21e886936e66d3cc3f737104fdb9b737c40ffb94c098" +checksum = "4fcb935c5bec503c2f0e306bdd3e58bb9029dcb14fa8d9ac76e3a5256ac0763e" dependencies = [ "bytes", "getrandom 0.3.4",