From 72c6cc821a3e5f4b6ff6b2260f86a9d5cde87d5b Mon Sep 17 00:00:00 2001
From: Jose Quintana <joseluisquintana20@gmail.com>
Date: Wed, 23 Aug 2023 03:03:52 +0200
Subject: [PATCH] v2.21.1

---
 CHANGELOG.md | 11 +++++++++++
 Cargo.lock   |  2 +-
 Cargo.toml   |  2 +-
 3 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ca18f68..9e3cb24 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 _**Note:** See changelog for v1 under the [1.x](https://github.com/static-web-server/static-web-server/blob/1.x/CHANGELOG.md) branch._
 
+## v2.21.1 - 2023-08-23
+
+This new `v2.21.1` release brings several security dependency updates. In particular for `serde_derive` and `rustls-webpki` dependencies.
+
+__Fixes__
+
+- [c6172b4](https://github.com/static-web-server/static-web-server/commit/c6172b4) Security dependency updates including serde_derive, rustls-webpki, h2 and other crates.
+  - `serde_derive`: potential supply chain attack associated with shipping
+precompiled binaries (silently) [serde-rs/serde#2538](https://github.com/serde-rs/serde/issues/2538)
+  - `rustls-webpki`: potential CPU denial of service in certificate path building [GHSA-fh2r-99q2-6mmg](https://github.com/advisories/GHSA-fh2r-99q2-6mmg)
+
 ## v2.21.0 - 2023-08-19
 
 This new `v2.21.0` release brings several dependency updates and bug fixes, a new NetBSD x86_64 target, Virtual Hosting support, and other improvements.
diff --git a/Cargo.lock b/Cargo.lock
index 3eb7251..0179284 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1271,7 +1271,7 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
 
 [[package]]
 name = "static-web-server"
-version = "2.21.0"
+version = "2.21.1"
 dependencies = [
  "aho-corasick",
  "anyhow",
diff --git a/Cargo.toml b/Cargo.toml
index ef4ba01..90c1d24 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "static-web-server"
-version = "2.21.0"
+version = "2.21.1"
 authors = ["Jose Quintana <https://joseluisq.net>"]
 license = "MIT OR Apache-2.0"
 description = "A cross-platform, high-performance and asynchronous web server for static files-serving."
--
libgit2 1.7.2