Security problems found by cargo audit

[svenstaro]

Running cargo audit on this project results in this:

Crate:     rust-crypto
Version:   0.2.36
Title:     Miscomputation when performing AES encryption in rust-crypto
Date:      2022-02-28
ID:        RUSTSEC-2022-0011
URL:       https://rustsec.org/advisories/RUSTSEC-2022-0011
Solution:  No fixed upgrade is available!
Dependency tree:
rust-crypto 0.2.36
└── umya-spreadsheet 0.8.5

Crate:     rustc-serialize
Version:   0.3.24
Title:     Stack overflow in rustc_serialize when parsing deeply nested JSON
Date:      2022-01-01
ID:        RUSTSEC-2022-0004
URL:       https://rustsec.org/advisories/RUSTSEC-2022-0004
Solution:  No fixed upgrade is available!
Dependency tree:
rustc-serialize 0.3.24
└── rust-crypto 0.2.36
    └── umya-spreadsheet 0.8.5

Crate:     time
Version:   0.1.45
Title:     Potential segfault in the time crate
Date:      2020-11-18
ID:        RUSTSEC-2020-0071
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0071
Solution:  Upgrade to >=0.2.23
Dependency tree:
time 0.1.45
├── rust-crypto 0.2.36
│   └── umya-spreadsheet 0.8.5
└── chrono 0.4.23
    └── umya-spreadsheet 0.8.5

Crate:     rust-crypto
Version:   0.2.36
Warning:   unmaintained
Title:     rust-crypto is unmaintained; switch to a modern alternative
Date:      2016-09-06
ID:        RUSTSEC-2016-0005
URL:       https://rustsec.org/advisories/RUSTSEC-2016-0005

error: 3 vulnerabilities found!
warning: 1 allowed warning found

rust-crypto is super unmaintained and the time upgrade should be doable.

[MathNya]

Thank you for your report. We will address this in the next update.

[MathNya]

The latest version has been released. Please check it out.

[svenstaro]

Looking good, just the time issue remaining. However, that appears to be an issue in chrono and there's no update available. Let's close this.