From bc94cc0b79c44fb135fe9180fb5d781273f38294 Mon Sep 17 00:00:00 2001 From: niluxv Date: Sun, 2 Feb 2020 10:00:36 +0100 Subject: [PATCH] Update dependancies Now `rustbreak` no longer depends on `serde_yaml` versions under 0.8.4, which are vulnerable to uncontrolled recursion in deserialisation, see RUSTSEC-2018-0005. --- Cargo.toml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 9c4f39e..71bd373 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,11 +22,11 @@ tempfile = "3" [dependencies.ron] optional = true -version = "0.2.0" +version = "0.5" [dependencies.base64] optional = true -version = "0.9.0" +version = "0.11" [dependencies.bincode] optional = true @@ -34,11 +34,11 @@ version = "1" [dependencies.serde_yaml] optional = true -version = "0.7" +version = "0.8.5" [dependencies.memmap] optional = true -version = "0.6" +version = "0.7" [dev-dependencies] lazy_static = "1"