This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate gstreamer-video

Dependencies

(13 total, 8 outdated, 1 insecure)

CrateRequiredLatestStatus
 bitflags^1.01.2.1up to date
 futures-channel^0.30.3.13up to date
 futures-util^0.30.3.13insecure
 glib^0.90.10.3out of date
 glib-sys^0.90.10.1out of date
 gobject-sys^0.90.10.0out of date
 gstreamer^0.150.16.7out of date
 gstreamer-base^0.150.16.5out of date
 gstreamer-base-sys^0.80.9.1out of date
 gstreamer-sys^0.80.9.1out of date
 gstreamer-video-sys^0.80.9.1out of date
 lazy_static^1.01.4.0up to date
 libc^0.20.2.86up to date

Security Vulnerabilities

futures-util: MutexGuard::map can cause a data race in safe code

RUSTSEC-2020-0059

Affected versions of the crate had a Send/Sync implementation for MappedMutexGuard that only considered variance on T, while MappedMutexGuard dereferenced to U.

This could of led to data races in safe Rust code when a closure used in MutexGuard::map() returns U that is unrelated to T.

The issue was fixed by fixing Send and Sync implementations, and by adding a PhantomData<&'a mut U> marker to the MappedMutexGuard type to tell the compiler that the guard is over U too.