Previously, MemBio::get_buf
called slice::from_raw_parts
with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.
actix / actix-net
This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
actix-codec
(9 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
bitflags | ^2 | 2.6.0 | up to date |
bytes | ^1 | 1.9.0 | up to date |
futures-core | ^0.3.7 | 0.3.31 | up to date |
futures-sink | ^0.3.7 | 0.3.31 | up to date |
memchr | ^2.3 | 2.7.4 | up to date |
pin-project-lite | ^0.2 | 0.2.15 | up to date |
tokio | ^1.23.1 | 1.42.0 | up to date |
tokio-util | ^0.7 | 0.7.13 | up to date |
tracing | ^0.1.30 | 0.1.41 | up to date |
(2 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
criterion | ^0.5 | 0.5.1 | up to date |
tokio-test | ^0.4.2 | 0.4.4 | up to date |
actix-macros
(2 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
quote | ^1 | 1.0.38 | up to date |
syn | ^2 | 2.0.93 | up to date |
(4 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-rt | ^2 | 2.10.0 | up to date |
futures-util | ^0.3.17 | 0.3.31 | up to date |
rustversion-msrv | ^0.100 | 0.100.0 | up to date |
trybuild | ^1 | 1.0.101 | up to date |
actix-rt
(3 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-macros | ^0.2.3 | 0.2.4 | up to date |
futures-core | ^0.3 | 0.3.31 | up to date |
tokio | ^1.23.1 | 1.42.0 | up to date |
(1 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
tokio | ^1.23.1 | 1.42.0 | up to date |
actix-server
(9 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-rt | ^2.10 | 2.10.0 | up to date |
actix-service | ^2 | 2.0.2 | up to date |
actix-utils | ^3 | 3.0.1 | up to date |
futures-core | ^0.3.17 | 0.3.31 | up to date |
futures-util | ^0.3.17 | 0.3.31 | up to date |
mio | ^1 | 1.0.3 | up to date |
socket2 | ^0.5 | 0.5.8 | up to date |
tokio | ^1.23.1 | 1.42.0 | up to date |
tracing | ^0.1.30 | 0.1.41 | up to date |
(6 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-codec | ^0.5 | 0.5.2 | up to date |
actix-rt | ^2.8 | 2.10.0 | up to date |
bytes | ^1 | 1.9.0 | up to date |
futures-util | ^0.3.17 | 0.3.31 | up to date |
pretty_env_logger | ^0.5 | 0.5.0 | up to date |
tokio | ^1.23.1 | 1.42.0 | up to date |
actix-service
(3 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
futures-core | ^0.3.17 | 0.3.31 | up to date |
paste | ^1 | 1.0.15 | up to date |
pin-project-lite | ^0.2 | 0.2.15 | up to date |
(3 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-rt | ^2 | 2.10.0 | up to date |
actix-utils | ^3 | 3.0.1 | up to date |
futures-util | ^0.3.17 | 0.3.31 | up to date |
actix-tls
(17 total, 1 outdated, 1 possibly insecure)
Crate | Required | Latest | Status |
---|---|---|---|
actix-rt | ^2.2 | 2.10.0 | up to date |
actix-service | ^2 | 2.0.2 | up to date |
actix-utils | ^3 | 3.0.1 | up to date |
futures-core | ^0.3.7 | 0.3.31 | up to date |
impl-more | ^0.1 | 0.1.9 | up to date |
pin-project-lite | ^0.2.7 | 0.2.15 | up to date |
tokio | ^1.23.1 | 1.42.0 | up to date |
tokio-util | ^0.7 | 0.7.13 | up to date |
tracing | ^0.1.30 | 0.1.41 | up to date |
http | ^1 | 1.2.0 | up to date |
openssl ⚠️ | ^0.10.55 | 0.10.68 | maybe insecure |
tokio-openssl | ^0.6 | 0.6.5 | up to date |
rustls-pki-types | ^1 | 1.10.1 | up to date |
tokio-rustls | ^0.26 | 0.26.1 | up to date |
webpki-roots | ^0.26 | 0.26.7 | up to date |
rustls-native-certs | ^0.7 | 0.8.1 | out of date |
tokio-native-tls | ^0.3 | 0.3.1 | up to date |
(11 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-codec | ^0.5 | 0.5.2 | up to date |
actix-rt | ^2.2 | 2.10.0 | up to date |
actix-server | ^2 | 2.5.0 | up to date |
bytes | ^1 | 1.9.0 | up to date |
futures-util | ^0.3.17 | 0.3.31 | up to date |
itertools | ^0.13 | 0.13.0 | up to date |
pretty_env_logger | ^0.5 | 0.5.0 | up to date |
rcgen | ^0.13 | 0.13.2 | up to date |
rustls-pemfile | ^2 | 2.2.0 | up to date |
tokio-rustls | ^0.26 | 0.26.1 | up to date |
trust-dns-resolver | ^0.23 | 0.23.2 | up to date |
actix-tracing
(4 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-service | ^2 | 2.0.2 | up to date |
actix-utils | ^3 | 3.0.1 | up to date |
tracing | ^0.1.35 | 0.1.41 | up to date |
tracing-futures | ^0.2 | 0.2.5 | up to date |
(2 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-rt | ^2 | 2.10.0 | up to date |
slab | ^0.4 | 0.4.9 | up to date |
actix-utils
(2 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
local-waker | ^0.1 | 0.1.4 | up to date |
pin-project-lite | ^0.2 | 0.2.15 | up to date |
(3 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
actix-rt | ^2 | 2.10.0 | up to date |
futures-util | ^0.3.17 | 0.3.31 | up to date |
static_assertions | ^1.1 | 1.1.0 | up to date |
bytestring
(2 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
bytes | ^1.2 | 1.9.0 | up to date |
serde | ^1 | 1.0.217 | up to date |
(3 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
ahash | ^0.8 | 0.8.11 | up to date |
serde_json | ^1 | 1.0.134 | up to date |
static_assertions | ^1.1 | 1.1.0 | up to date |
local-channel
(3 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
futures-core | ^0.3.17 | 0.3.31 | up to date |
futures-sink | ^0.3.17 | 0.3.31 | up to date |
local-waker | ^0.1 | 0.1.4 | up to date |
(2 total, all up-to-date)
Crate | Required | Latest | Status |
---|---|---|---|
futures-util | ^0.3.17 | 0.3.31 | up to date |
tokio | ^1.23.1 | 1.42.0 | up to date |
local-waker
No external dependencies! 🙌
openssl
: `MemBio::get_buf` has undefined behavior with empty buffersPreviously, MemBio::get_buf
called slice::from_raw_parts
with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.