In my project I do neither use Botan / OpenSSL but only Vibe-D with notls set. But the dub.json dependency tree is analyzed and therefore the dependency defined here (https://github.com/etcimon/botan/blob/master/dub.json#L75) is found.
OpenSSL 1.0.1 is oudated and marked by scanners as vulnerable.
Could you please switch to OpenSSL 1.1.0? (2.0.0+1.1.0h or 2.0.1+1.1.0h)
In my project I do neither use Botan / OpenSSL but only Vibe-D with notls set. But the dub.json dependency tree is analyzed and therefore the dependency defined here (https://github.com/etcimon/botan/blob/master/dub.json#L75) is found.
OpenSSL 1.0.1 is oudated and marked by scanners as vulnerable. Could you please switch to OpenSSL 1.1.0? (2.0.0+1.1.0h or 2.0.1+1.1.0h)