| [package] |
| name = "advisories" |
| version = "0.1.0" |
| authors = ["Jake Shadle <[email protected]>"] |
| edition = "2018" |
| |
| [dependencies] |
| # ammonia had a stack overflow < 2.1.0 |
| # https://github.com/RustSec/advisory-db/blob/01ac6725d549dbc7873250fe2a55e54d528fe945/crates/ammonia/RUSTSEC-2019-0001.toml |
| ammonia = "=0.7.0" |
| |
| # Version =0.3.0-rc.1 has a vulnerability, but not this version, and, presumably |
| # not in >=0.3 as well, but that isn't release yet |
| axum-core = "=0.3.0-rc.2" |
| # Another prelease version that originated https://github.com/EmbarkStudios/cargo-deny/issues/316 |
| trust-dns-resolver = "0.20.0-alpha.3" |
| |
| # Transitively depends on an ammonia 1.2.0 |
| artifact_serde = "0.3.1" |
| |
| # Dirs had an advisory added for it that was then withdrawn |
| dirs = "4.0" |
| |
| # Failure has an unsound advisory (and is unmaintained) |
| failure = "=0.1.8" |
| |
| # libusb is unmaintained |
| # https://github.com/RustSec/advisory-db/blob/5b35b71cf74eed58696aeeb5a764a9f0a66fe7ba/crates/libusb/RUSTSEC-2016-0004.toml |
| libusb = "0.3.0" |
| |
| # The advisory applies to 0.10.0-alpha.1 >= && < 0.10.0-alpha.4 |
| # https://github.com/RustSec/advisory-db/blob/c71cfec8c3fe313c9445a9ab0ae9b7faedda850a/crates/lettre/RUSTSEC-2020-0069.md |
| lettre = "0.10.0-alpha.3" |
