trust-dns-server 0.21.2

Crate trust-dns-server

Dependencies

(23 total, 7 outdated, 2 possibly insecure)

Crate	Required	Latest	Status
async-trait	`^0.1.43`	`0.1.68`	up to date
bytes	`^1`	`1.4.0`	up to date
cfg-if	`^1`	`1.0.0`	up to date
enum-as-inner	`^0.4`	`0.5.1`	out of date
env_logger	`^0.9`	`0.10.0`	out of date
futures-executor	`^0.3.5`	`0.3.27`	up to date
futures-util	`^0.3.5`	`0.3.27`	up to date
h2	`^0.3.0`	`0.3.16`	up to date
http	`^0.2`	`0.2.9`	up to date
log	`^0.4`	`0.4.17`	up to date
openssl ⚠️	`^0.10`	`0.10.48`	maybe insecure
rusqlite	`^0.27.0`	`0.29.0`	out of date
rustls	`^0.20`	`0.20.8`	up to date
serde	`^1.0.114`	`1.0.158`	up to date
thiserror	`^1.0.20`	`1.0.40`	up to date
time	`^0.3`	`0.3.20`	up to date
tokio ⚠️	`^1.0`	`1.26.0`	maybe insecure
tokio-openssl	`^0.6.0`	`0.6.3`	up to date
tokio-rustls	`^0.23.0`	`0.23.4`	up to date
toml	`^0.5`	`0.7.3`	out of date
trust-dns-client	`^0.21.1`	`0.22.0`	out of date
trust-dns-proto	`^0.21.1`	`0.22.0`	out of date
trust-dns-resolver	`^0.21.1`	`0.22.0`	out of date

Crate

Required

Latest

Status

async-trait

^0.1.43

0.1.68

up to date

bytes

^1

1.4.0

up to date

cfg-if

^1

1.0.0

up to date

enum-as-inner

^0.4

0.5.1

out of date

env_logger

^0.9

0.10.0

out of date

futures-executor

^0.3.5

0.3.27

up to date

futures-util

^0.3.5

0.3.27

up to date

^0.3.0

0.3.16

up to date

http

^0.2

0.2.9

up to date

log

^0.4

0.4.17

up to date

openssl ⚠️

^0.10

0.10.48

maybe insecure

rusqlite

^0.27.0

0.29.0

out of date

rustls

^0.20

0.20.8

up to date

serde

^1.0.114

1.0.158

up to date

thiserror

^1.0.20

1.0.40

up to date

time

^0.3

0.3.20

up to date

tokio ⚠️

^1.0

1.26.0

maybe insecure

tokio-openssl

^0.6.0

0.6.3

up to date

tokio-rustls

^0.23.0

0.23.4

up to date

toml

^0.5

0.7.3

out of date

trust-dns-client

^0.21.1

0.22.0

out of date

trust-dns-proto

^0.21.1

0.22.0

out of date

trust-dns-resolver

^0.21.1

0.22.0

out of date

Dev dependencies

(1 total, 1 possibly insecure)

Crate	Required	Latest	Status
tokio ⚠️	`^1.0`	`1.26.0`	maybe insecure

Crate

Required

Latest

Status

tokio ⚠️

^1.0

1.26.0

maybe insecure

Security Vulnerabilities

`openssl`: Use after free in CMS Signing

RUSTSEC-2018-0010

Affected versions of the OpenSSL crate used structures after they'd been freed.

`tokio`: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);

Deps.rs

trust-dns-server 0.21.2

Crate `trust-dns-server`

Dependencies

Dev dependencies

Security Vulnerabilities

`openssl`: Use after free in CMS Signing

`tokio`: reject_remote_clients Configuration corruption

Workarounds

trust-dns-server 0.21.2

Crate trust-dns-server

Dependencies

Dev dependencies

Security Vulnerabilities

openssl: Use after free in CMS Signing

tokio: reject_remote_clients Configuration corruption

Workarounds

Crate `trust-dns-server`

`openssl`: Use after free in CMS Signing

`tokio`: reject_remote_clients Configuration corruption