Two new RUSTSEC advisories landed between 2026-06-18 and 2026-06-30
that started failing every PR's `cargo audit` step:
- RUSTSEC-2026-0185 (quinn-proto 0.11.14): remote memory exhaustion via
unbounded out-of-order stream reassembly. Patched in 0.11.15 (semver-
compatible). `cargo update -p quinn-proto`, no API change.
- RUSTSEC-2026-0189 (rmcp 0.16.0): DNS rebinding in Streamable HTTP
server transport due to missing Host-header validation. Patched in
rmcp >= 1.4.0, which is a major API jump from our pin (rmcp shipped
0.x -> 1.x -> 2.x in three months and the migration touches every
tool handler + the auth middleware just landed in #92).
Added to ignore with justification: our MCP server is exposed at a
public hostname behind orca's TLS-terminating ingress with per-tenant
bearer auth. The attack model (browser DNS-rebinding into a victim's
localhost MCP server) doesn't apply to a public-hostname deployment.
Defense-in-depth Host-header validation remains worthwhile, tracked
as a multi-hour M7.3 follow-up to migrate rmcp 0.16 -> 2.x.
Unblocks #96 and #94.
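For the deferred defense-in-depth check, a framework-agnostic sketch of Host-header validation, added here as an illustration only: it is not code from this repo, from rmcp, or from the advisory. The allowlisted hostnames and ports are assumptions, and the sample requests (including the DNS-rebinding one, where the browser connects to our IP but sends the attacker's hostname in Host) are constructed. Any HTTP framework's request object can feed the raw header value in; the point is the normalization and the strict allowlist, not the plumbing.

```rust
// Added example (not project code): strict Host-header allowlisting as a
// DNS-rebinding mitigation. In a rebinding attack the victim's browser
// resolves the attacker's name to our address and sends us a request whose
// Host header is still the attacker's name, so an exact allowlist match on a
// normalized hostname rejects it even though the TCP connection is "local".
use std::collections::HashSet;

/// Outcome of validating the incoming `Host` header.
#[derive(Debug, PartialEq, Eq)]
pub enum HostCheck {
    Allowed,
    Missing,
    Malformed,
    NotAllowed(String),
}

/// Splits `Host` into (lowercased hostname, optional port). Handles bracketed
/// IPv6 literals such as `[::1]:8080`; rejects bare IPv6, whitespace, and
/// anything with a path or userinfo smuggled in. None means malformed.
fn split_host_port(raw: &str) -> Option<(String, Option<u16>)> {
    let raw = raw.trim();
    if raw.is_empty() || raw.contains(|c: char| c.is_whitespace() || c == '/' || c == '@') {
        return None;
    }
    if let Some(rest) = raw.strip_prefix('[') {
        let end = rest.find(']')?;
        let addr = &rest[..end];
        let after = &rest[end + 1..];
        let port = match after.strip_prefix(':') {
            Some(p) => Some(p.parse::<u16>().ok()?),
            None if after.is_empty() => None,
            None => return None,
        };
        return Some((format!("[{}]", addr.to_ascii_lowercase()), port));
    }
    match raw.rsplit_once(':') {
        Some((h, p)) => {
            if h.is_empty() || h.contains(':') {
                return None; // ":8080" or unbracketed IPv6
            }
            Some((h.to_ascii_lowercase(), Some(p.parse::<u16>().ok()?)))
        }
        None => Some((raw.to_ascii_lowercase(), None)),
    }
}

/// Exact-match allowlist of hostnames plus the ports we expect to be
/// reached on. A Host header without a port is accepted if the name matches.
pub struct HostPolicy {
    allowed: HashSet<String>,
    allowed_ports: HashSet<u16>,
}

impl HostPolicy {
    pub fn new(hosts: &[&str], ports: &[u16]) -> Self {
        HostPolicy {
            allowed: hosts.iter().map(|h| h.to_ascii_lowercase()).collect(),
            allowed_ports: ports.iter().copied().collect(),
        }
    }

    pub fn check(&self, host_header: Option<&str>) -> HostCheck {
        let raw = match host_header {
            Some(h) => h,
            None => return HostCheck::Missing,
        };
        let (host, port) = match split_host_port(raw) {
            Some(x) => x,
            None => return HostCheck::Malformed,
        };
        // A trailing dot ("mcp.example.com.") is the same FQDN; normalize it
        // so it cannot be used to slip past a naive string compare.
        let host = host.trim_end_matches('.').to_string();
        if !self.allowed.contains(&host) {
            return HostCheck::NotAllowed(host);
        }
        if let Some(p) = port {
            if !self.allowed_ports.contains(&p) {
                return HostCheck::NotAllowed(format!("{}:{}", host, p));
            }
        }
        HostCheck::Allowed
    }
}

fn main() {
    // Assumed deployment: one public hostname plus local dev names/ports.
    let policy = HostPolicy::new(&["mcp.example.com", "localhost", "127.0.0.1", "[::1]"], &[443, 8080]);
    // Constructed sample Host headers, including a rebinding attempt.
    let samples = [
        ("public hostname", Some("mcp.example.com")),
        ("mixed case + port", Some("MCP.Example.COM:443")),
        ("IPv6 loopback", Some("[::1]:8080")),
        ("DNS rebinding", Some("rebind.attacker.example:8080")),
        ("missing header", None),
        ("bare IPv6", Some("::1:8080")),
    ];
    for (label, host) in samples {
        println!("{:<18} -> {:?}", label, policy.check(host));
    }
}
```

Wire this in front of the request handlers and return 421 Misdirected Request (or plain 400) on anything but Allowed; the rejected header value is worth logging, since a steady trickle of NotAllowed hits with unfamiliar hostnames is exactly what a rebinding campaign looks like from the server side.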