buntine / barcoders

A barcode encoding library for the Rust programming language
Apache License 2.0
166 stars 24 forks source link

Dependency on `image` 0.22 needs updating to 0.23 #21

Closed timwalls closed 7 months ago

timwalls commented 3 years ago

barcoders depends on image 0.22 (when the image feature is enabled). Unfortunately 0.22 has a security vulnerability (https://rustsec.org/advisories/RUSTSEC-2020-0073), and fails a cargo audit (meaning so does barcoders.)

The vulnerability is fixed in image 0.23.

ondrejkolin commented 11 months ago

@buntine Sorry for pinging, I do understand it's a very rude thing to do, but is there a chance for you to merge this pull request?

I am building a GTK app with your great library and I would like to avoid delivering potential security issue.

Thanks!

AtomicGamer9523 commented 7 months ago

see https://github.com/buntine/barcoders/pull/22#issuecomment-2028449494

AtomicGamer9523 commented 7 months ago

@timwalls Fixed in #31 This is now safe to close