Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RUSTSEC Warnings and Errors on several subprojects #267

Open
Pi-Cla opened this issue Apr 19, 2024 · 1 comment
Open

RUSTSEC Warnings and Errors on several subprojects #267

Pi-Cla opened this issue Apr 19, 2024 · 1 comment

Comments

@Pi-Cla
Copy link

Pi-Cla commented Apr 19, 2024

I rancargo audit on every submoduled project and a bunch of them have various RUSTSEC vulnerabilities and warnings.
All of these except for one at the end of this list was fixed by simply running cargo update.
I think making an issue here might be better than making a separate issue in every submodule github repo?

Degradation of service in h2 servers with CONTINUATION Flood

  • cosmic-comp, cosmic-launcher, cosmic-notifications,

Tokens for named pipes may be delivered after deregistration

  • cosmic-randr, cosmic-screenshot, cosmic-session

ordered-multimap 0.7.1 was yanked

  • cosmic-comp, cosmic-launcher, cosmic-notifications, cosmic-applibrary, cosmic-text, cosmic-osd, cosmic-term

iana-time-zone 0.1.59 was yanked

  • cosmic-screenshot

jobserver 0.1.29 was yanked

  • cosmic-settings

safemem is unmaintained

  • cosmic-text

yaml-rust is unmaintained

  • cosmic-text via syntect (this will require syntect to switch to an alternative such as yaml-rust2)
@Pi-Cla
Copy link
Author

Pi-Cla commented Apr 19, 2024

See here: trishume/syntect#526 for the PR/discussion on syntect and yaml-rust

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Pi-Cla