Deps.rs

veloren / airshipper

[![dependency status](https://deps.rs/repo/gitlab/veloren/airshipper/status.svg)](https://deps.rs/repo/gitlab/veloren/airshipper)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate airshipper

Dependencies

(44 total, 13 outdated)

CrateRequiredLatestStatus
 veloren-serverbrowser-api^0.4.00.4.0up to date
 veloren-query-server^0.1.20.1.2up to date
 clap^4.5.214.5.40up to date
 indicatif^0.170.18.0out of date
 rustyline^1516.0.0out of date
 colored^2.03.0.0out of date
 iced^0.12.10.13.1out of date
 tracing^0.1.210.1.41up to date
 tracing-futures^0.2.40.2.5up to date
 tracing-subscriber^0.3.70.3.19up to date
 termcolor^1.1.31.4.1up to date
 tracing-appender^0.2.00.2.3up to date
 tracing-log^0.2.00.2.0up to date
 regex^1.101.11.1up to date
 reqwest^0.12.50.12.22up to date
 pulldown-cmark^0.12.20.13.0out of date
 strip_markdown^0.2.00.2.0up to date
 html2text^0.130.15.2out of date
 serde^1.0.1161.0.219up to date
 semver^11.0.26up to date
 rss^2.0.72.0.12up to date
 ron^0.8.10.10.1out of date
 remozipsy^0.1.00.1.0up to date
 crc32fast^1.4.21.4.2up to date
 flate2^1.01.1.2up to date
 url^2.2.22.5.4up to date
 image^0.25.50.25.6up to date
 tokio^1.381.46.1up to date
 tokio-stream^0.1.60.1.17up to date
 futures-util^0.3.150.3.31up to date
 derive_more^1.0.02.0.1out of date
 find_folder^0.3.00.3.0up to date
 lazy_static^1.4.01.5.0up to date
 thiserror^2.0.32.0.12up to date
 bytesize^1.0.12.0.1out of date
 bytes^11.10.1up to date
 opener^0.7.20.8.2out of date
 dirs-next^2.0.02.0.0up to date
 rand^0.8.50.9.1out of date
 chrono^0.4.220.4.41up to date
 country-parser^0.1.10.1.1up to date
 openssl-sys^0.90.9.109up to date
 windows-sys^0.59.00.60.2out of date
 self_update^0.41.00.42.0out of date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 winresource^0.1.150.1.22up to date

Crate airshipper-server

Dependencies

(26 total, 5 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 tokio-util^0.7.80.7.15up to date
 tokio^1.391.46.1up to date
 termcolor^1.41.4.1up to date
 tracing^0.1.210.1.41up to date
 tracing-appender^0.2.00.2.3up to date
 tracing-subscriber^0.3.70.3.19up to date
 tracing-log^0.20.2.0up to date
 ron^0.80.10.1out of date
 regex^1.101.11.1up to date
 axum^0.70.8.4out of date
 tower-http^0.6.20.6.6up to date
 reqwest^0.120.12.22up to date
 octocrab^0.420.44.1out of date
 serde^1.0.1051.0.219up to date
 serde_json^1.0.591.0.140up to date
 sqlx^0.8.10.8.6up to date
 thiserror^2.0.32.0.12up to date
 chrono^0.4.380.4.41up to date
 lazy_static^1.4.01.5.0up to date
 prometheus^0.130.14.0out of date
 futures^0.3.80.3.31up to date
 bytes^11.10.1up to date
 md5^0.7.00.8.0out of date
 url^2.2.22.5.4up to date
 libsqlite3-sys ⚠️*0.34.0maybe insecure
 openssl-sys*0.9.109up to date

Security Vulnerabilities

libsqlite3-sys: `libsqlite3-sys` via C SQLite CVE-2022-35737

RUSTSEC-2022-0090

It was sometimes possible for SQLite versions >= 1.0.12, < 3.39.2 to allow an array-bounds overflow when large string were input into SQLite's printf function.

As libsqlite3-sys bundles SQLite, it is susceptible to the vulnerability. libsqlite3-sys was updated to bundle the patched version of SQLite here.