From 0abc0a52af1f6010f9a57640b1dc8eb8d2d697aa Mon Sep 17 00:00:00 2001
From: Patrick Marks <pmarks@gmail.com>
Date: Fri, 26 Aug 2022 11:07:53 -0700
Subject: [PATCH] update to 1.24

---
 CHANGELOG.md | 5 +++++
 Cargo.toml   | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 37c3b3e77..f9b035f10 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,8 @@
+
+1.24.0:
+ * Update to lz4 1.9.4 (lz4-sys 1.9.4) - this fixes CVE-2021-3520, which was a security vulnerability in the core lz4 library
+ * export the include directory of lz4 from build.rs
+
 1.23.3 (March 5, 2022):
 * Update lz4 to 1.9.3
 * Add `[de]compress_to_buffer` to block API to allow reusing buffers (#16)
diff --git a/Cargo.toml b/Cargo.toml
index ba276d0f4..da33512cf 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "lz4"
 license = "MIT"
-version = "1.23.3"
+version = "1.24.0"
 readme = "README.md"
 authors = [ "Jens Heyens <jens.heyens@ewetel.net>", "Artem V. Navrotskiy <bozaro@buzzsoft.ru>", "Patrick Marks <pmarks@gmail.com>"]
 description = "Rust LZ4 bindings library."
@@ -16,7 +16,7 @@ doc = false
 
 [dependencies]
 libc = "0.2"
-lz4-sys = { path = "lz4-sys", version = "1.9.3" }
+lz4-sys = { path = "lz4-sys", version = "1.9.4" }
 
 [dev-dependencies]
 rand = ">=0.7, <=0.8"