This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate kitsune-activitypub

Dependencies

(13 total, 1 outdated)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 base64-simd^0.8.00.8.0up to date
 futures-util^0.3.300.3.30up to date
 headers^0.4.00.4.0up to date
 http^1.1.01.1.0up to date
 iso8601-timestamp^0.2.170.2.17up to date
 mime^0.3.170.3.17up to date
 mime_guess^2.0.42.0.5up to date
 serde^1.0.2031.0.204up to date
 sha2^0.10.80.10.8up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date
 url^2.5.22.5.2up to date

Dev dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 http-body-util^0.1.20.1.2up to date
 hyper^1.3.11.4.1up to date
 pretty_assertions^1.4.01.4.0up to date
 tokio^1.38.01.38.1up to date
 tower^0.4.130.4.13up to date

Crate kitsune-cache

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 enum_dispatch^0.3.130.3.13up to date
 serde^1.0.2031.0.204up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tokio^1.38.01.38.1up to date

Crate kitsune-captcha

Dependencies

(6 total, 1 outdated)

CrateRequiredLatestStatus
 enum_dispatch^0.3.130.3.13up to date
 http^1.1.01.1.0up to date
 serde^1.0.2031.0.204up to date
 serde_urlencoded^0.7.10.7.1up to date
 strum^0.26.30.26.3up to date
 typed-builder^0.18.20.19.1out of date

Crate kitsune-config

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 eyre^0.6.120.6.12up to date
 human-size^0.4.30.4.3up to date
 isolang^2.4.02.4.0up to date
 serde^1.0.2031.0.204up to date
 smol_str^0.2.20.2.2up to date
 tokio^1.38.01.38.1up to date
 toml^0.8.140.8.15up to date

Crate kitsune-core

Dependencies

(6 total, 1 outdated)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 const_format^0.2.320.2.32up to date
 paste^1.0.151.0.15up to date
 serde^1.0.2031.0.204up to date
 typed-builder^0.18.20.19.1out of date
 unsize^1.1.01.1.0up to date

Build dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 vergen^8.3.19.0.0out of date

Crate kitsune-db

Dependencies

(14 total, 1 outdated)

CrateRequiredLatestStatus
 diesel_migrations^2.2.02.2.0up to date
 futures-util^0.3.300.3.30up to date
 iso8601-timestamp^0.2.170.2.17up to date
 num-derive^0.4.20.4.2up to date
 num-traits^0.2.190.2.19up to date
 rustls^0.23.100.23.11up to date
 rustls-native-certs^0.7.00.7.1up to date
 serde^1.0.2031.0.204up to date
 tokio^1.38.01.38.1up to date
 tokio-postgres^0.7.100.7.10up to date
 tokio-postgres-rustls^0.12.00.12.0up to date
 tracing^0.1.400.1.40up to date
 tracing-log^0.2.00.2.0up to date
 typed-builder^0.18.20.19.1out of date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tokio^1.38.01.38.1up to date

Crate kitsune-derive

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 typed-builder^0.18.20.19.1out of date

Crate kitsune-derive-impl

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^1.0.861.0.86up to date
 quote^1.0.361.0.36up to date
 syn^2.0.682.0.71up to date

Crate kitsune-email

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 askama_axum^0.4.00.4.0up to date
 lettre^0.11.70.11.7up to date
 mrml^4.0.04.0.1up to date
 typed-builder^0.18.20.19.1out of date

Crate kitsune-embed

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 http^1.1.01.1.0up to date
 iso8601-timestamp^0.2.170.2.17up to date
 once_cell^1.19.01.19.0up to date
 scraper^0.19.00.19.1up to date
 smol_str^0.2.20.2.2up to date

Crate kitsune-error

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 axum-core^0.4.30.4.3up to date
 eyre^0.6.120.6.12up to date
 http^1.1.01.1.0up to date
 sync_wrapper^1.0.11.0.1up to date
 tracing^0.1.400.1.40up to date

Crate kitsune-federation

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 typed-builder^0.18.20.19.1out of date

Crate kitsune-federation-filter

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 globset^0.4.140.4.14up to date
 url^2.5.22.5.2up to date

Crate kitsune-http-client

Dependencies

(12 total, all up-to-date)

CrateRequiredLatestStatus
 async-stream^0.3.50.3.5up to date
 bytes^1.6.01.6.1up to date
 futures-util^0.3.300.3.30up to date
 http-body^1.0.01.0.1up to date
 http-body-util^0.1.20.1.2up to date
 hyper^1.3.11.4.1up to date
 hyper-util^0.1.50.1.6up to date
 hyper-rustls^0.27.20.27.2up to date
 pin-project^1.1.51.1.5up to date
 serde^1.0.2031.0.204up to date
 tower^0.4.130.4.13up to date
 tower-http^0.5.20.5.2up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tokio^1.38.01.38.1up to date

Crate kitsune-jobs

Dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 derive_more^1.0.0-beta.60.99.18up to date
 futures-util^0.3.300.3.30up to date
 serde^1.0.2031.0.204up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date

Crate kitsune-language

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 isolang^2.4.02.4.0up to date
 rustc-hash^2.0.02.0.0up to date
 whatlang^0.16.40.16.4up to date
 whichlang^0.1.00.1.0up to date

Crate kitsune-mastodon

Dependencies

(7 total, 1 outdated)

CrateRequiredLatestStatus
 futures-util^0.3.300.3.30up to date
 iso8601-timestamp^0.2.170.2.17up to date
 mime^0.3.170.3.17up to date
 serde^1.0.2031.0.204up to date
 smol_str^0.2.20.2.2up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date

Crate kitsune-observability

Dependencies

(12 total, 4 outdated)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 eyre^0.6.120.6.12up to date
 http-body-util^0.1.20.1.2up to date
 hyper^1.3.11.4.1up to date
 opentelemetry^0.23.00.24.0out of date
 opentelemetry-http^0.12.00.13.0out of date
 opentelemetry-otlp^0.16.00.17.0out of date
 opentelemetry_sdk^0.23.00.24.1out of date
 tracing^0.1.400.1.40up to date
 tracing-error^0.2.00.2.0up to date
 tracing-opentelemetry^0.24.00.24.0up to date
 tracing-subscriber^0.3.180.3.18up to date

Crate kitsune-oidc

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 enum_dispatch^0.3.130.3.13up to date
 http^1.1.01.1.0up to date
 http-body-util^0.1.20.1.2up to date
 oauth2^5.0.0-alpha.44.4.2up to date
 once_cell^1.19.01.19.0up to date
 openidconnect^4.0.0-alpha.23.5.0up to date
 serde^1.0.2031.0.204up to date
 url^2.5.22.5.2up to date

Crate kitsune-s3

Dependencies

(7 total, 2 outdated)

CrateRequiredLatestStatus
 bytes^1.6.01.6.1up to date
 futures-util^0.3.300.3.30up to date
 http^1.1.01.1.0up to date
 quick-xml^0.34.00.36.0out of date
 rusty-s3^0.5.00.5.0up to date
 serde^1.0.2031.0.204up to date
 typed-builder^0.18.20.19.1out of date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tokio^1.38.01.38.1up to date

Crate kitsune-scss-compiler

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 eyre^0.6.120.6.12up to date
 glob^0.3.10.3.1up to date
 grass_compiler^0.13.30.13.3up to date
 tracing^0.1.400.1.40up to date

Crate kitsune-search

Dependencies

(12 total, 1 outdated)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 bytes^1.6.01.6.1up to date
 enum_dispatch^0.3.130.3.13up to date
 futures-io^0.3.300.3.30up to date
 futures-util^0.3.300.3.30up to date
 http^1.1.01.1.0up to date
 meilisearch-sdk^0.26.10.27.0out of date
 pin-project-lite^0.2.140.2.14up to date
 serde^1.0.2031.0.204up to date
 serde_urlencoded^0.7.10.7.1up to date
 strum^0.26.30.26.3up to date
 tracing^0.1.400.1.40up to date

Crate kitsune-service

Dependencies

(23 total, 1 outdated, 1 insecure)

CrateRequiredLatestStatus
 ahash^0.8.110.8.11up to date
 argon2^0.5.30.5.3up to date
 async-stream^0.3.50.3.5up to date
 bytes^1.6.01.6.1up to date
 derive_builder^0.20.00.20.0up to date
 eyre^0.6.120.6.12up to date
 futures-util^0.3.300.3.30up to date
 http^1.1.01.1.0up to date
 img-parts^0.3.00.3.0up to date
 iso8601-timestamp^0.2.170.2.17up to date
 mime^0.3.170.3.17up to date
 password-hash^0.5.00.5.0up to date
 pkcs8^0.10.20.10.2up to date
 rand^0.8.50.8.5up to date
 rsa ⚠️^0.9.60.9.6insecure
 rusty-s3^0.5.00.5.0up to date
 serde^1.0.2031.0.204up to date
 smol_str^0.2.20.2.2up to date
 tokio^1.38.01.38.1up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date
 url^2.5.22.5.2up to date
 zxcvbn^3.0.13.0.1up to date

Dev dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 hex-simd^0.8.00.8.0up to date
 http-body-util^0.1.20.1.2up to date
 hyper^1.3.11.4.1up to date
 pretty_assertions^1.4.01.4.0up to date
 tempfile^3.10.13.10.1up to date
 tower^0.4.130.4.13up to date

Crate kitsune-storage

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 bytes^1.6.01.6.1up to date
 derive_more^1.0.0-beta.60.99.18up to date
 futures-util^0.3.300.3.30up to date
 rusty-s3^0.5.00.5.0up to date
 tokio^1.38.01.38.1up to date
 tokio-util^0.7.110.7.11up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 tempfile^3.10.13.10.1up to date
 tokio^1.38.01.38.1up to date

Crate kitsune-test

Dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 bytes^1.6.01.6.1up to date
 futures-util^0.3.300.3.30up to date
 http^1.1.01.1.0up to date
 http-body-util^0.1.20.1.2up to date
 isolang^2.4.02.4.0up to date
 pin-project-lite^0.2.140.2.14up to date
 rand^0.8.50.8.5up to date
 rusty-s3^0.5.00.5.0up to date
 tokio^1.38.01.38.1up to date
 url^2.5.22.5.2up to date
 uuid^1.9.11.10.0up to date

Crate kitsune-type

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 iso8601-timestamp^0.2.170.2.17up to date
 serde^1.0.2031.0.204up to date
 smol_str^0.2.20.2.2up to date
 strum^0.26.30.26.3up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.4.01.4.0up to date
 serde_test^11.0.176up to date

Crate kitsune-url

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 smol_str^0.2.20.2.2up to date

Crate kitsune-util

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 bubble-bath^0.1.30.1.3up to date
 iso8601-timestamp^0.2.170.2.17up to date
 once_cell^1.19.01.19.0up to date
 pulldown-cmark^0.11.00.11.0up to date
 rand^0.8.50.8.5up to date
 tokio^1.38.01.38.1up to date

Crate kitsune-wasm-mrf

Dependencies

(14 total, all up-to-date)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 blake3^1.5.11.5.3up to date
 color-eyre^0.6.30.6.3up to date
 derive_more^1.0.0-beta.60.99.18up to date
 enum_dispatch^0.3.130.3.13up to date
 futures-util^0.3.300.3.30up to date
 redb^2.1.12.1.1up to date
 slab^0.4.90.4.9up to date
 smol_str^0.2.20.2.2up to date
 tokio^1.38.01.38.1up to date
 tracing^0.1.400.1.40up to date
 walkdir^2.5.02.5.0up to date
 wasmtime^22.0.022.0.0up to date
 wasmtime-wasi^22.0.022.0.0up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 tempfile^3.10.13.10.1up to date
 tokio^1.38.01.38.1up to date
 tracing-subscriber^0.3.180.3.18up to date
 wat^1.211.11.214.0up to date

Crate example-mrf

Dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 rand^0.8.50.8.5up to date
 wit-bindgen^0.26.00.28.0out of date

Crate kitsune-webfinger

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 futures-util^0.3.300.3.30up to date
 http^1.1.01.1.0up to date
 tracing^0.1.400.1.40up to date
 urlencoding^2.1.32.1.3up to date

Dev dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 http-body-util^0.1.20.1.2up to date
 hyper^1.3.11.4.1up to date
 pretty_assertions^1.4.01.4.0up to date
 tokio^1.38.01.38.1up to date
 tower^0.4.130.4.13up to date

Crate kitsune

Dependencies

(36 total, 1 outdated)

CrateRequiredLatestStatus
 argon2^0.5.30.5.3up to date
 askama_axum^0.4.00.4.0up to date
 async-trait^0.1.800.1.81up to date
 axum^0.7.50.7.5up to date
 axum-extra^0.9.30.9.3up to date
 axum-flash^0.8.00.8.0up to date
 bytes^1.6.01.6.1up to date
 chrono^0.4.380.4.38up to date
 color-eyre^0.6.30.6.3up to date
 futures-util^0.3.300.3.30up to date
 headers^0.4.00.4.0up to date
 http^1.1.01.1.0up to date
 http-body-util^0.1.20.1.2up to date
 iso8601-timestamp^0.2.170.2.17up to date
 mimalloc^0.1.430.1.43up to date
 mime^0.3.170.3.17up to date
 mime_guess^2.0.42.0.5up to date
 oxide-auth^0.6.10.6.1up to date
 oxide-auth-async^0.2.10.2.1up to date
 oxide-auth-axum^0.5.00.5.0up to date
 rust-embed^8.4.08.5.0up to date
 scoped-futures^0.1.30.1.3up to date
 serde^1.0.2031.0.204up to date
 serde_urlencoded^0.7.10.7.1up to date
 strum^0.26.30.26.3up to date
 tempfile^3.10.13.10.1up to date
 time^0.3.360.3.36up to date
 tokio^1.38.01.38.1up to date
 tokio-util^0.7.110.7.11up to date
 tower^0.4.130.4.13up to date
 tower-http^0.5.20.5.2up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date
 url^2.5.22.5.2up to date
 async-graphql^7.0.67.0.7up to date
 async-graphql-axum^7.0.67.0.7up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.4.01.4.0up to date

Build dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 camino^1.1.71.1.7up to date
 fs_extra^1.3.01.3.0up to date

Crate kitsune-cli

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 color-eyre^0.6.30.6.3up to date
 dotenvy^0.15.70.15.7up to date
 envy^0.4.20.4.2up to date
 serde^1.0.2031.0.204up to date
 tokio^1.38.01.38.1up to date
 tracing-subscriber^0.3.180.3.18up to date

Build dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 vergen^8.3.19.0.0out of date

Crate kitsune-job-runner

Dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 color-eyre^0.6.30.6.3up to date
 mimalloc^0.1.430.1.43up to date
 tokio^1.38.01.38.1up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date

Crate athena

Dependencies

(16 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.8.110.8.11up to date
 async-trait^0.1.800.1.81up to date
 either^1.13.01.13.0up to date
 futures-util^0.3.300.3.30up to date
 iso8601-timestamp^0.2.170.2.17up to date
 once_cell^1.19.01.19.0up to date
 rand^0.8.50.8.5up to date
 serde^1.0.2031.0.204up to date
 smol_str^0.2.20.2.2up to date
 thiserror^1.0.611.0.63up to date
 tokio^1.38.01.38.1up to date
 tokio-util^0.7.110.7.11up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date
 typetag^0.2.160.2.16up to date
 unsize^1.1.01.1.0up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 postcard^1.0.81.0.8up to date
 tracing-subscriber^0.3.180.3.18up to date

Crate blowocking

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.19.01.19.0up to date
 rayon^1.10.01.10.0up to date
 thiserror^1.0.611.0.63up to date
 tokio^1.38.01.38.1up to date
 tracing^0.1.400.1.40up to date

Crate cursiv

Dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 aliri_braid^0.4.00.4.0up to date
 blake3^1.5.11.5.3up to date
 cookie^0.18.10.18.1up to date
 hex-simd^0.8.00.8.0up to date
 http^1.1.01.1.0up to date
 pin-project-lite^0.2.140.2.14up to date
 rand^0.8.50.8.5up to date
 tower^0.4.130.4.13up to date
 zeroize^1.8.11.8.1up to date
 async-trait^0.1.800.1.81up to date
 axum-core^0.4.30.4.3up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 futures-test^0.3.300.3.30up to date
 tower^0.4.130.4.13up to date

Crate geomjeungja

Dependencies

(8 total, 1 outdated)

CrateRequiredLatestStatus
 async-trait^0.1.800.1.81up to date
 hickory-resolver^0.24.10.24.1up to date
 rand^0.8.50.8.5up to date
 serde^1.0.2031.0.204up to date
 thiserror^1.0.611.0.63up to date
 tracing^0.1.400.1.40up to date
 typed-builder^0.18.20.19.1out of date
 unsize^1.1.01.1.0up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 insta^1.39.01.39.0up to date
 rand_xorshift^0.3.00.3.0up to date
 serde_json^1.0.1181.0.120up to date
 tokio^1.38.01.38.1up to date

Crate http-signatures

Dependencies

(13 total, all up-to-date)

CrateRequiredLatestStatus
 atoi_radix10^0.0.10.0.1up to date
 base64-simd^0.8.00.8.0up to date
 const-oid^0.9.60.9.6up to date
 derive_builder^0.20.00.20.0up to date
 http^1.1.01.1.0up to date
 httpdate^1.0.31.0.3up to date
 logos^0.14.00.14.0up to date
 miette^7.2.07.2.0up to date
 pkcs8^0.10.20.10.2up to date
 ring^0.17.80.17.8up to date
 scoped-futures^0.1.30.1.3up to date
 thiserror^1.0.611.0.63up to date
 tracing^0.1.400.1.40up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 divan^0.1.140.1.14up to date
 tokio^1.38.01.38.1up to date

Crate http-signatures-cli

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 miette^7.2.07.2.0up to date
 owo-colors^4.0.04.0.0up to date

Crate just-retry

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 retry-policies^0.4.00.4.0up to date
 tokio^1.38.01.38.1up to date
 tracing^0.1.400.1.40up to date

Crate masto-id-convert

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 atoi_radix10^0.0.10.0.1up to date
 nanorand^0.7.00.7.0up to date
 uuid^1.9.11.10.0up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 divan^0.1.140.1.14up to date
 time^0.3.360.3.36up to date
 uuid^1.9.11.10.0up to date

Crate mrf-manifest

Dependencies

(9 total, 2 outdated)

CrateRequiredLatestStatus
 leb128^0.2.50.2.5up to date
 olpc-cjson^0.1.30.1.3up to date
 schemars^0.8.210.8.21up to date
 semver^1.0.231.0.23up to date
 serde^1.0.2031.0.204up to date
 serde_json^1.0.1181.0.120up to date
 thiserror^1.0.611.0.63up to date
 wasm-encoder^0.211.10.214.0out of date
 wasmparser^0.211.10.214.0out of date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.1181.0.120up to date
 insta^1.39.01.39.0up to date
 wat^1.211.11.214.0up to date

Crate mrf-tool

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 color-eyre^0.6.30.6.3up to date
 colored_json^5.0.05.0.0up to date
 serde_json^1.0.1181.0.120up to date
 wasmparser^0.211.10.214.0out of date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.1181.0.120up to date
 wat^1.211.11.214.0up to date

Crate post-process

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 logos^0.14.00.14.0up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 divan^0.1.140.1.14up to date
 futures-executor^0.3.300.3.30up to date
 insta^1.39.01.39.0up to date
 pretty_assertions^1.4.01.4.0up to date

Crate speedy-uuid

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 async-graphql^7.0.67.0.7up to date
 diesel^2.2.12.2.2up to date
 fred^9.0.39.0.3up to date
 serde^1.0.2031.0.204up to date
 thiserror^1.0.611.0.63up to date
 uuid^1.9.11.10.0up to date
 uuid-simd^0.8.00.8.0up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_test^1.0.1761.0.176up to date

Crate tick-tock-mock

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 divan^0.1.140.1.14up to date

Crate tower-http-digest

Dependencies

(12 total, all up-to-date)

CrateRequiredLatestStatus
 base64-simd^0.8.00.8.0up to date
 bytes^1.6.01.6.1up to date
 either^1.13.01.13.0up to date
 http^1.1.01.1.0up to date
 http-body^1.0.01.0.1up to date
 memchr^2.7.42.7.4up to date
 pin-project-lite^0.2.140.2.14up to date
 sha2^0.10.80.10.8up to date
 subtle^2.6.12.6.1up to date
 tower-layer^0.3.20.3.2up to date
 tower-service^0.3.20.3.2up to date
 tracing^0.1.400.1.40up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 bytes^1.6.01.6.1up to date
 futures-test^0.3.300.3.30up to date
 http-body-util^0.1.20.1.2up to date
 tower^0.4.130.4.13up to date

Crate tower-stop-using-brave

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.13.01.13.0up to date
 http^1.1.01.1.0up to date
 once_cell^1.19.01.19.0up to date
 regex^1.10.51.10.5up to date
 tower-layer^0.3.20.3.2up to date
 tower-service^0.3.20.3.2up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 futures^0.3.300.3.30up to date
 tower^0.4.130.4.13up to date

Crate tower-x-clacks-overhead

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 http^1.1.01.1.0up to date
 pin-project-lite^0.2.140.2.14up to date
 tower-layer^0.3.20.3.2up to date
 tower-service^0.3.20.3.2up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 futures-test^0.3.300.3.30up to date
 tower^0.4.130.4.13up to date

Crate trials

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 futures-test^0.3.300.3.30up to date

Crate trials-macros

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^1.0.861.0.86up to date
 quote^1.0.361.0.36up to date
 syn^2.0.682.0.71up to date

Crate xtask

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.861.0.86up to date
 argh^0.1.120.1.12up to date
 glob^0.3.10.3.1up to date
 taplo^0.13.00.13.0up to date
 tracing^0.1.400.1.40up to date
 tracing-subscriber^0.3.180.3.18up to date

Security Vulnerabilities

rsa: Marvin Attack: potential key recovery through timing sidechannels

RUSTSEC-2023-0071

Impact

Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key.

Patches

No patch is yet available, however work is underway to migrate to a fully constant-time implementation.

Workarounds

The only currently available workaround is to avoid using the rsa crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer is fine.

References

This vulnerability was discovered as part of the "Marvin Attack", which revealed several implementations of RSA including OpenSSL had not properly mitigated timing sidechannel attacks.