alerter (>=0.3.0 <=0.3.1), libmatrix-client (=0.0.1) +10 more potentially affected by unknown CVE via olm-sys (>=0.1.5 <=1.3.2)

olm-sys CARGO version =0.1.5, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.10-alpha, =0.13.0, =0.1.0, =0.3.0 Source cves: unknown CVE Source advisory: OSV:GHSA-P2Q9-36VW-C468...

alerter (>=0.3.0 <=0.3.1), libmatrix-client (=0.0.1) +10 more potentially affected by CVE-2024-45191 +2 more via olm-sys (>=0.1.5 <=1.3.2)

olm-sys CARGO version =0.1.5, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.10-alpha, =0.13.0, =0.1.0, =0.3.0 Source cves: CVE-2024-45191, CVE-2024-45192, CVE-2024-45193 Source advisory: OSV:RUSTSEC-2024-0368...

RUSTSEC-2024-0368 olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...