From 7c082f08c8b672f9e9f59fe73686a94cf27327a7 Mon Sep 17 00:00:00 2001
From: Shivani Bhardwaj <shivani@oisf.net>
Date: Sat, 7 Feb 2026 11:54:18 +0530
Subject: [PATCH] rust/cargo: ignore RUSTSEC-2026-0009 for time crate

cargo audit reports this security issue with the time crate but Suricata
remains unaffected as no influenced fn is used by Suricata.
Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009

The MSRV for newer time crate versions are higher than the MSRV for
Suricata right now: 1.75.0

Hence, the best course of action is to suppress this warning.

Ticket: 8269
(cherry picked from commit 11b2860f23d306c731ce93c745dc7e4c672b49ee)
---
 .github/workflows/rust-checks.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/rust-checks.yml b/.github/workflows/rust-checks.yml
index 2c8e989eb5..c43c31e309 100644
--- a/.github/workflows/rust-checks.yml
+++ b/.github/workflows/rust-checks.yml
@@ -87,5 +87,7 @@ jobs:
           IGNORES+=(--ignore RUSTSEC-2020-0036)
           # failure, via bendy
           IGNORES+=(--ignore RUSTSEC-2019-0036)
+          # time crate update
+          IGNORES+=(--ignore RUSTSEC-2026-0009)
 
           cargo audit -D warnings "${IGNORES[@]}"