Deps.rs

blightmud / blightmud

[![dependency status](https://deps.rs/repo/github/blightmud/blightmud/status.svg)](https://deps.rs/repo/github/blightmud/blightmud)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate blightmud

Dependencies

(33 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 libmudtelnet^2.0.12.0.1up to date
 termion^44.0.5up to date
 log^0.4.270.4.27up to date
 simple-logging^2.0.22.0.2up to date
 chrono^0.4.410.4.41up to date
 signal-hook^0.3.170.3.18up to date
 mlua^0.10.30.11.1out of date
 regex^1.11.11.11.1up to date
 strip-ansi-escapes^0.2.10.2.1up to date
 vte^0.15.00.15.0up to date
 timer^0.2.00.2.0up to date
 flate2^1.1.11.1.2up to date
 pulldown-cmark-mdcat^2.7.12.7.1up to date
 pulldown-cmark^0.12.20.13.0out of date
 syntect^5.2.05.2.0up to date
 serde^1.0.2191.0.219up to date
 ron^0.10.10.10.1up to date
 anyhow^1.0.981.0.98up to date
 lazy_static^1.5.01.5.0up to date
 rs-complete^1.3.11.3.1up to date
 getopts^0.2.210.2.23up to date
 human-panic^2.0.22.0.3up to date
 tts^0.26.30.26.3up to date
 serde_json^1.0.1401.0.140up to date
 git2^0.20.10.20.2up to date
 rodio^0.20.10.21.1out of date
 notify-debouncer-mini^0.6.00.6.0up to date
 hunspell-rs^0.4.00.4.0up to date
 hunspell-sys^0.3.00.3.1up to date
 rustls ⚠️^0.230.23.29maybe insecure
 webpki-roots^1.01.0.1up to date
 reqwest^0.12.150.12.22up to date
 socket2^0.5.90.6.0out of date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 mockall^0.13.10.13.1up to date
 mockall_double^0.3.10.3.1up to date
 rustls-pemfile^2.22.2.0up to date
 env_logger^0.11.60.11.8up to date

Security Vulnerabilities

rustls: rustls network-reachable panic in `Acceptor::accept`

RUSTSEC-2024-0399

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept() are affected.

Servers that use tokio-rustls's LazyConfigAcceptor API are affected.

Servers that use tokio-rustls's TlsAcceptor API are not affected.

Servers that use rustls-ffi's rustls_acceptor_accept API are affected.