Deps.rs

fred 8.0.6

[![dependency status](https://deps.rs/crate/fred/8.0.6/status.svg)](https://deps.rs/crate/fred/8.0.6)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate fred

Dependencies

(30 total, 3 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 arc-swap^1.61.7.1up to date
 async-trait^0.10.1.80up to date
 bytes^1.51.6.0up to date
 bytes-utils^0.10.1.4up to date
 crossbeam-queue^0.30.3.11up to date
 float-cmp^0.90.9.0up to date
 futures^0.30.3.30up to date
 log^0.40.4.21up to date
 native-tls^0.20.2.11up to date
 nom^7.17.1.3up to date
 parking_lot^0.120.12.2up to date
 rand^0.80.8.5up to date
 redis-protocol^4.15.0.1out of date
 rustls ⚠️^0.22.10.23.5out of date
 rustls-native-certs^0.7.00.7.0up to date
 semver^1.01.0.22up to date
 serde_json^11.0.116up to date
 sha-1^0.100.10.1up to date
 socket2^0.50.5.7up to date
 tokio^1.341.37.0up to date
 tokio-native-tls^0.30.3.1up to date
 tokio-rustls^0.25.00.26.0out of date
 tokio-stream^0.10.1.15up to date
 tokio-util^0.70.7.11up to date
 tracing^0.10.1.40up to date
 tracing-futures^0.20.2.5up to date
 trust-dns-resolver^0.230.23.2up to date
 url^2.42.5.0up to date
 urlencoding^2.12.1.3up to date
 rustls-webpki^0.102.00.102.3up to date

Dev dependencies

(7 total, 1 outdated)

CrateRequiredLatestStatus
 axum^0.70.7.5up to date
 base64^0.22.00.22.1up to date
 bollard^0.150.16.1out of date
 pretty_env_logger^0.50.5.0up to date
 serde^1.01.0.200up to date
 subprocess^0.20.2.9up to date
 tokio-stream^0.10.1.15up to date

Security Vulnerabilities

rustls: `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input

RUSTSEC-2024-0336

If a close_notify alert is received during a handshake, complete_io does not terminate.

Callers which do not call complete_io are not affected.

rustls-tokio and rustls-ffi do not call complete_io and are not affected.

rustls::Stream and rustls::StreamOwned types use complete_io and are affected.