This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate pueue

Dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.01.0.81up to date
 chrono-english^0.10.1.7up to date
 clap^4.34.5.4up to date
 clap_complete^4.34.5.1up to date
 comfy-table^77.1.0up to date
 ctrlc^33.4.4up to date
 pest^2.72.7.8up to date
 pest_derive^2.72.7.8up to date
 shell-escape^0.10.1.5up to date
 simplelog^0.120.12.2up to date
 tempfile^33.10.1up to date

Dev dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 assert_cmd^22.0.14up to date
 rstest^0.180.18.2up to date
 similar-asserts^11.5.0up to date
 env_logger^0.110.11.3up to date
 test-log^0.20.2.15up to date

Crate pueue-lib

Dependencies

(15 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^1.01.0.81up to date
 async-trait^0.10.1.79up to date
 byteorder^1.51.5.0up to date
 chrono ⚠️^0.40.4.37maybe insecure
 dirs^5.05.0.1up to date
 rand^0.80.8.5up to date
 rcgen^0.120.13.0out of date
 rev_buf_reader^0.30.3.0up to date
 rustls^0.230.23.4up to date
 rustls-pemfile^22.1.1up to date
 serde_cbor^0.110.11.2up to date
 serde_yaml^0.90.9.34+deprecatedup to date
 shellexpand^3.13.1.0up to date
 thiserror^1.01.0.58up to date
 tokio-rustls^0.260.26.0up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 portpicker^0.10.1.1up to date
 tempfile^33.10.1up to date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References