This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
glib(15 total, 5 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| bitflags | ^2.4 | 2.9.0 | up to date |
| glib-sys | ^0.19 | 0.20.9 | out of date |
| futures-channel | ^0.3 | 0.3.31 | up to date |
| futures-core | ^0.3 | 0.3.31 | up to date |
| futures-executor | ^0.3 | 0.3.31 | up to date |
| futures-task ⚠️ | ^0.3 | 0.3.31 | maybe insecure |
| futures-util | ^0.3 | 0.3.31 | up to date |
| gio-sys | ^0.19 | 0.20.9 | out of date |
| glib-macros | ^0.19.9 | 0.20.7 | out of date |
| gobject-sys | ^0.19 | 0.20.9 | out of date |
| libc | ^0.2 | 0.2.172 | up to date |
| memchr | ^2.7.1 | 2.7.4 | up to date |
| log | ^0.4 | 0.4.27 | up to date |
| smallvec | ^1.12 | 1.15.0 | up to date |
| thiserror | ^1 | 2.0.12 | out of date |
(4 total, all up-to-date)
| Crate | Required | Latest | Status |
|---|---|---|---|
| criterion | ^0.5.1 | 0.5.1 | up to date |
| gir-format-check | ^0.1 | 0.1.3 | up to date |
| tempfile | ^3 | 3.19.1 | up to date |
| trybuild2 | ^1 | 1.2.0 | up to date |
futures-task: futures_task::waker may cause a use-after-free if used on a type that isn't 'staticAffected versions of the crate did not properly implement a 'static lifetime bound on the waker function.
This resulted in a use-after-free if Waker::wake() is called after original data had been dropped.
The flaw was corrected by adding 'static lifetime bound to the data waker takes.