From a76c324c30f3330abed9b7b97e6c8070183b9fa9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sergev=20=E2=82=B1?= <118327710+iot-defcon@users.noreply.github.com>
Date: Sun, 21 May 2023 06:36:10 +0700
Subject: [PATCH] media-converter: Update bumpalo to avoid use-after-free.

In affected project of this crate, the lifetime of the iterator produced by Vec::into_iter() is not constrained to the lifetime of the Bump that allocated the vector's memory. Using the iterator after the Bump is dropped causes use-after-free accesses.

Link: https://github.com/ValveSoftware/Proton/pull/6792
---
 media-converter/Cargo.lock | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/media-converter/Cargo.lock b/media-converter/Cargo.lock
index 45939ca7..06a6353a 100644
--- a/media-converter/Cargo.lock
+++ b/media-converter/Cargo.lock
@@ -43,9 +43,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 
 [[package]]
 name = "bumpalo"
-version = "3.11.0"
+version = "3.12.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c1ad822118d20d2c234f427000d5acc36eabe1e29a348c89b63dd60b13f28e5d"
+checksum = "3c6ed94e98ecff0c12dd1b04c15ec0d7d9458ca8fe806cea6f12954efe74c63b"
 
 [[package]]
 name = "cfg-expr"