Deps.rs

actix / actix-net

[![dependency status](https://deps.rs/repo/github/actix/actix-net/status.svg)](https://deps.rs/repo/github/actix/actix-net)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate actix-codec

Dependencies

(9 total, all up-to-date)

CrateRequiredLatestStatus
 bitflags^22.9.0up to date
 bytes^11.10.1up to date
 futures-core^0.3.70.3.31up to date
 futures-sink^0.3.70.3.31up to date
 memchr^2.32.7.4up to date
 pin-project-lite^0.20.2.16up to date
 tokio^1.44.21.44.2up to date
 tokio-util^0.70.7.15up to date
 tracing^0.1.300.1.41up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.50.5.1up to date
 tokio-test^0.4.20.4.4up to date

Crate actix-macros

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 quote^11.0.40up to date
 syn^22.0.100up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 actix-rt^22.10.0up to date
 futures-util^0.3.170.3.31up to date
 rustversion-msrv^0.1000.100.0up to date
 trybuild^11.0.104up to date

Crate actix-rt

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 actix-macros^0.2.30.2.4up to date
 futures-core^0.30.3.31up to date
 tokio^1.44.21.44.2up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tokio^1.44.21.44.2up to date

Crate actix-server

Dependencies

(9 total, all up-to-date)

CrateRequiredLatestStatus
 actix-rt^2.102.10.0up to date
 actix-service^22.0.3up to date
 actix-utils^33.0.1up to date
 futures-core^0.3.170.3.31up to date
 futures-util^0.3.170.3.31up to date
 mio^11.0.3up to date
 socket2^0.50.5.9up to date
 tokio^1.44.21.44.2up to date
 tracing^0.1.300.1.41up to date

Dev dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 actix-codec^0.50.5.2up to date
 actix-rt^2.82.10.0up to date
 bytes^11.10.1up to date
 futures-util^0.3.170.3.31up to date
 pretty_env_logger^0.50.5.0up to date
 tokio^1.44.21.44.2up to date

Crate actix-service

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 futures-core^0.3.170.3.31up to date
 pin-project-lite^0.20.2.16up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 actix-rt^22.10.0up to date
 actix-utils^33.0.1up to date
 futures-util^0.3.170.3.31up to date

Crate actix-tls

Dependencies

(17 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 actix-rt^2.22.10.0up to date
 actix-service^22.0.3up to date
 actix-utils^33.0.1up to date
 futures-core^0.3.70.3.31up to date
 impl-more^0.10.1.9up to date
 pin-project-lite^0.2.70.2.16up to date
 tokio^1.44.21.44.2up to date
 tokio-util^0.70.7.15up to date
 tracing^0.1.300.1.41up to date
 http^11.3.1up to date
 openssl ⚠️^0.10.550.10.72maybe insecure
 tokio-openssl^0.60.6.5up to date
 rustls-pki-types^11.11.0up to date
 tokio-rustls^0.260.26.2up to date
 webpki-roots^0.260.26.8up to date
 rustls-native-certs^0.70.8.1out of date
 tokio-native-tls^0.30.3.1up to date

Dev dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 actix-codec^0.50.5.2up to date
 actix-rt^2.22.10.0up to date
 actix-server^22.5.1up to date
 bytes^11.10.1up to date
 futures-util^0.3.170.3.31up to date
 itertools^0.140.14.0up to date
 pretty_env_logger^0.50.5.0up to date
 rcgen^0.130.13.2up to date
 rustls-pemfile^22.2.0up to date
 tokio-rustls^0.260.26.2up to date
 trust-dns-resolver^0.230.23.2up to date

Crate actix-tracing

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 actix-service^22.0.3up to date
 actix-utils^33.0.1up to date
 tracing^0.1.350.1.41up to date
 tracing-futures^0.20.2.5up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 actix-rt^22.10.0up to date
 slab^0.40.4.9up to date

Crate actix-utils

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 local-waker^0.10.1.4up to date
 pin-project-lite^0.20.2.16up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 actix-rt^22.10.0up to date
 futures-util^0.3.170.3.31up to date
 static_assertions^1.11.1.0up to date

Crate bytestring

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 bytes^1.21.10.1up to date
 serde^11.0.219up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.80.8.11up to date
 serde_json^11.0.140up to date
 static_assertions^1.11.1.0up to date

Crate local-channel

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 futures-core^0.3.170.3.31up to date
 futures-sink^0.3.170.3.31up to date
 local-waker^0.10.1.4up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 futures-util^0.3.170.3.31up to date
 tokio^1.44.21.44.2up to date

Crate local-waker

No external dependencies! 🙌

Security Vulnerabilities

openssl: Use-After-Free in `Md::fetch` and `Cipher::fetch`

RUSTSEC-2025-0022

When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result.

In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior).

The maintainers thank quitbug for reporting this vulnerability to us.