CVE-2020-35904: An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. It has incorrect expectations about the relationship between the memory allocation and how many iterator elements there are.
vcswatch reports that
this package seems to have a new changelog entry (version
0.5.0-1, distribution
UNRELEASED-FIXME-AUTOGENERATED-DEBCARGO) and new commits
in its VCS. You should consider whether it's time to make
an upload.