build(deps): Bump ring from 0.17.2 to 0.17.5

Cargo.toml

@@ -35,7 +35,7 @@ rayon = { version = "1.8.0", optional = true }
 
 # dependencies required if feature "prio2" is enabled
 aes-gcm = { version = "^0.10", optional = true }
-ring = { version = "0.17.2", optional = true }
+ring = { version = "0.17.5", optional = true }
 
 [dev-dependencies]
 assert_matches = "1.5.0"

supply-chain/config.toml

@@ -70,6 +70,10 @@ criteria = "safe-to-deploy"
 version = "0.3.0"
 criteria = "safe-to-run"
 
+[[exemptions.cc]]
+version = "1.0.83"
+criteria = "safe-to-deploy"
+
 [[exemptions.cipher]]
 version = "0.4.3"
 criteria = "safe-to-deploy"
@@ -207,9 +211,8 @@ criteria = "safe-to-deploy"
 notes = "This is only used when the \"test-util\" feature is enabled."
 
 [[exemptions.ring]]
-version = "0.17.2"
+version = "0.17.5"
 criteria = "safe-to-deploy"
-notes = "ring is only used in prio2 and eliminated from the main branch. We accept the risk of updating ring without an audit."
 
 [[exemptions.spin]]
 version = "0.9.8"

supply-chain/imports.lock

@@ -299,12 +299,6 @@ criteria = "safe-to-deploy"
 version = "3.11.1"
 notes = "I am the author of this crate."
 
-[[audits.bytecode-alliance.audits.cc]]
-who = "Alex Crichton <[email protected]>"
-criteria = "safe-to-deploy"
-version = "1.0.73"
-notes = "I am the author of this crate."
-
 [[audits.bytecode-alliance.audits.cfg-if]]
 who = "Alex Crichton <[email protected]>"
 criteria = "safe-to-deploy"
@@ -353,6 +347,12 @@ The is-terminal implementation code is now sync'd up with the prototype
 implementation in the Rust standard library.
 """
 
+[[audits.bytecode-alliance.audits.libc]]
+who = "Alex Crichton <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "0.2.146 -> 0.2.147"
+notes = "Only new type definitions and updating others for some platforms, no major changes"
+
 [[audits.bytecode-alliance.audits.linux-raw-sys]]
 who = "Dan Gohman <[email protected]>"
 criteria = "safe-to-deploy"
@@ -691,6 +691,19 @@ criteria = "safe-to-deploy"
 delta = "0.1.19 -> 0.2.6"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 
+[[audits.mozilla.audits.libc]]
+who = "Mike Hommey <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "0.2.147 -> 0.2.148"
+aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
+
+[[audits.mozilla.audits.libc]]
+who = "Jan-Erik Rediger <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "0.2.148 -> 0.2.149"
+notes = "New defintions for a new target we don't use"
+aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
+
 [[audits.mozilla.audits.num-bigint]]
 who = "Josh Stone <[email protected]>"
 criteria = "safe-to-deploy"