This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate gstreamer

Dependencies

(17 total, 8 outdated, 1 insecure)

CrateRequiredLatestStatus
 bitflags^1.01.2.1up to date
 cfg-if^0.11.0.0out of date
 futures-channel^0.30.3.13up to date
 futures-core^0.30.3.13up to date
 futures-util^0.30.3.13insecure
 glib^0.90.10.3out of date
 glib-sys^0.90.10.1out of date
 gobject-sys^0.90.10.0out of date
 gstreamer-sys^0.80.9.1out of date
 lazy_static^1.01.4.0up to date
 libc^0.20.2.87up to date
 muldiv^0.21.0.0out of date
 num-rational^0.20.3.2out of date
 paste^0.11.0.4out of date
 serde^1.01.0.123up to date
 serde_bytes^0.110.11.5up to date
 serde_derive^1.01.0.123up to date

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 futures-executor^0.3.10.3.13up to date
 ron^0.50.6.4out of date
 serde_json^1.01.0.64up to date

Security Vulnerabilities

futures-util: MutexGuard::map can cause a data race in safe code

RUSTSEC-2020-0059

Affected versions of the crate had a Send/Sync implementation for MappedMutexGuard that only considered variance on T, while MappedMutexGuard dereferenced to U.

This could of led to data races in safe Rust code when a closure used in MutexGuard::map() returns U that is unrelated to T.

The issue was fixed by fixing Send and Sync implementations, and by adding a PhantomData<&'a mut U> marker to the MappedMutexGuard type to tell the compiler that the guard is over U too.