Chrono has potential segfault issue in SPIFFE authenticator
Several vulnerabilities have been reported in the time and chrono crates related to handling of calls to localtime_r. You can follow some of the discussions here and here, and the associated CVE here. In our case, the issue with the dependency was flagged by our nightly CI build running cargo-audit. The vulnerability leads to a segfault in specific circumstances - namely, when one of a number of functions in the …