Bug ID 1188022
Summary mozilla:Factory/mozjs78: cargo audit, may need to update and re-vendor
Classification openSUSE
Product openSUSE.org
Version unspecified
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component 3rd party software
Assignee wolfgang@rosenauer.org
Reporter william.brown@suse.com
QA Contact screening-team-bugs@suse.de
Found By ---
Blocker ---

Hi there,

I've recently started a project to scan rust projects with cargo-audit for
potential known security issues. The following was found in mozjs78:

* RUSTSEC-2021-0067 -> crate: cranelift-codegen, cvss: None, class: ['code-execution', 'memory-corruption', 'memory-exposure']
* RUSTSEC-2020-0060 -> crate: futures-task, cvss: None, class: ['code-execution', 'memory-corruption']
* RUSTSEC-2020-0061 -> crate: futures-task, cvss: None, class: ['denial-of-service']
* RUSTSEC-2020-0059 -> crate: futures-util, cvss: None, class: ['thread-safety']
* RUSTSEC-2020-0146 -> crate: generic-array, cvss: None, class: ['memory-corruption']
* RUSTSEC-2021-0020 -> crate: hyper, cvss: None, class: ['format-injection']
* RUSTSEC-2020-0004 -> crate: lucet-runtime-internals, cvss: None, class: ['memory-corruption', 'memory-exposure']
* RUSTSEC-2020-0082 -> crate: ordered-float, cvss: None, class: []
* RUSTSEC-2021-0013 -> crate: raw-cpuid, cvss: None, class: ['memory-corruption', 'denial-of-service']
* RUSTSEC-2021-0003 -> crate: smallvec, cvss: None, class: ['memory-corruption']
* RUSTSEC-2020-0043 -> crate: ws, cvss: None, class: ['denial-of-service']

Most of these should be able to be resolved with "cargo update" and
re-vendoring your vendor.tar. Alternately upstream may have released updates to
their Cargo.toml/Cargo.lock that may resolve these on an update.

It would be great if you could have a look at these!
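The per-advisory lines in the report above are the kind of summary one gets by reducing `cargo audit --json` to id, crate, CVSS and category; for a packager triaging such a report, the useful extra piece of information is whether the advisory database lists any patched release at all, because without one `cargo update` and re-vendoring cannot resolve the finding. The script below is an added example written for this page, not the reporter's scanning tool and not part of the mozjs78 package. The JSON field names (`vulnerabilities.list[].advisory.{id,package,cvss,categories}`, `versions.patched`, `package.version`) follow cargo-audit's JSON report as I know it and should be checked against the installed cargo-audit version; the embedded sample report, including its version numbers and patched ranges, is constructed and only reuses advisory ids that appear in the report above.

```python
"""Reduce a `cargo audit --json` report to one triage line per advisory.

Added example, not the reporter's tool. Run with a report file as the first
argument, or with no arguments to use the constructed sample below.
"""
import json
import sys

# Constructed sample in the shape of a `cargo audit --json` report (field names
# are an assumption about cargo-audit's format; versions and patched ranges are
# made up for the example and were not checked against the advisory database).
SAMPLE_REPORT = json.loads("""
{
  "vulnerabilities": {
    "found": true,
    "count": 2,
    "list": [
      {
        "advisory": {
          "id": "RUSTSEC-2021-0003",
          "package": "smallvec",
          "title": "constructed title",
          "cvss": null,
          "categories": ["memory-corruption"]
        },
        "versions": {"patched": [">=1.6.1", ">=0.6.14, <1.0.0"], "unaffected": []},
        "package": {"name": "smallvec", "version": "1.6.0"}
      },
      {
        "advisory": {
          "id": "RUSTSEC-2020-0043",
          "package": "ws",
          "title": "constructed title",
          "cvss": null,
          "categories": ["denial-of-service"]
        },
        "versions": {"patched": [], "unaffected": []},
        "package": {"name": "ws", "version": "0.9.1"}
      }
    ]
  }
}
""")


def summarize(report):
    """Return one dict per advisory with the fields a packager needs to triage it.

    `fixable` is True when the advisory lists at least one patched version
    range; an empty list means no fixed release exists, so `cargo update`
    cannot clear the finding and the dependency has to be replaced or the
    code reviewed by hand.
    """
    rows = []
    for entry in report.get("vulnerabilities", {}).get("list", []):
        adv = entry["advisory"]
        patched = list(entry.get("versions", {}).get("patched", []))
        rows.append({
            "id": adv["id"],
            "crate": adv["package"],
            "version": entry.get("package", {}).get("version"),
            "cvss": adv.get("cvss"),
            "classes": list(adv.get("categories", [])),
            "patched": patched,
            "fixable": bool(patched),
        })
    return rows


def format_row(row):
    """Render a row in the same style as the lines in the bug report.

    Python's repr of None and of a list is what produces `cvss: None` and
    `class: ['memory-corruption']` in that output.
    """
    return "* {} -> crate: {}, cvss: {}, class: {}".format(
        row["id"], row["crate"], row["cvss"], row["classes"])


def main(argv):
    if len(argv) > 1:
        with open(argv[1]) as fh:
            report = json.load(fh)
    else:
        report = SAMPLE_REPORT
    for row in summarize(report):
        print(format_row(row))
        if row["fixable"]:
            print("    installed {}, patched in: {}".format(
                row["version"], ", ".join(row["patched"])))
        else:
            print("    installed {}, no patched release listed".format(row["version"]))


if __name__ == "__main__":
    main(sys.argv)
```

Pointing the script at a real report (`cargo audit --json > audit.json` in the crate's source tree, then `python3 audit_summary.py audit.json`) gives the maintainer a quick split between findings that a `cargo update` plus re-vendoring should clear and findings that need a different dependency.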
