Merge pull request #694 from EspressoSystems/jb/non-blocking-cancel #383
Security advisories found
7 unmaintained
Details
Warnings
RUSTSEC-2021-0060
aes-softhas been merged into theaescrate
| Details | |
|---|---|
| Status | unmaintained |
| Package | aes-soft |
| Version | 0.6.4 |
| URL | RustCrypto/block-ciphers#200 |
| Date | 2021-04-29 |
Please use the aes crate going forward. The new repository location is at:
<https://github.com/RustCrypto/block-ciphers/tree/master/aes>
AES-NI is now autodetected at runtime on i686/x86-64 platforms.
If AES-NI is not present, the aes crate will fallback to a constant-time
portable software implementation.
To force the use of a constant-time portable implementation on these platforms,
even if AES-NI is available, use the new force-soft feature of the aes
crate to disable autodetection.
RUSTSEC-2021-0059
aesnihas been merged into theaescrate
| Details | |
|---|---|
| Status | unmaintained |
| Package | aesni |
| Version | 0.10.0 |
| URL | RustCrypto/block-ciphers#200 |
| Date | 2021-04-29 |
Please use the aes crate going forward. The new repository location is at:
<https://github.com/RustCrypto/block-ciphers/tree/master/aes>
AES-NI is now autodetected at runtime on i686/x86-64 platforms.
If AES-NI is not present, the aes crate will fallback to a constant-time
portable software implementation.
To prevent this fallback (and have absence of AES-NI result in an illegal
instruction crash instead), continue to pass the same RUSTFLAGS which were
previously required for the aesni crate to compile:
RUSTFLAGS=-Ctarget-feature=+aes,+ssse3
RUSTSEC-2021-0064
cpuid-boolhas been renamed tocpufeatures
| Details | |
|---|---|
| Status | unmaintained |
| Package | cpuid-bool |
| Version | 0.2.0 |
| URL | RustCrypto/utils#381 |
| Date | 2021-05-06 |
Please use the `cpufeatures`` crate going forward:
<https://github.com/RustCrypto/utils/tree/master/cpufeatures>
There will be no further releases of cpuid-bool.
RUSTSEC-2022-0044
markdown(1.0.0 and higher) is maintained
| Details | |
|---|---|
| Status | unmaintained |
| Package | markdown |
| Version | 0.3.0 |
| URL | johannhof/markdown.rs#48 |
| Date | 2022-01-17 |
A new markdown crate has been brought over by a new maintainer replacing the old crate.
As of time of writing only pre-releases seem to be available for the 1.0.0 version of the crate.
The crate GitHub repository is now wooorm/markdown-rs
markdown (0.3.0 and lower) was unmaintained
The old markdown crate was no longer actively maintained.
The crate GitHub repository was johannhof/markdown.rs
RUSTSEC-2024-0370
proc-macro-error is unmaintained
| Details | |
|---|---|
| Status | unmaintained |
| Package | proc-macro-error |
| Version | 1.0.4 |
| URL | https://gitlab.com/CreepySkeleton/proc-macro-error/-/issues/20 |
| Date | 2024-09-01 |
proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email.
proc-macro-error also depends on syn 1.x, which may be bringing duplicate dependencies into dependant build trees.
Possible Alternative(s)
RUSTSEC-2020-0056
stdweb is unmaintained
| Details | |
|---|---|
| Status | unmaintained |
| Package | stdweb |
| Version | 0.4.20 |
| URL | koute/stdweb#403 |
| Date | 2020-05-04 |
The author of the stdweb crate is unresponsive.
Maintained alternatives:
RUSTSEC-2024-0320
yaml-rust is unmaintained.
| Details | |
|---|---|
| Status | unmaintained |
| Package | yaml-rust |
| Version | 0.4.5 |
| URL | rustsec/advisory-db#1921 |
| Date | 2024-03-20 |
The maintainer seems unreachable.
Many issues and pull requests have been submitted over the years
without any response.
Alternatives
Consider switching to the actively maintained yaml-rust2 fork of the original project: