office crate has soundness issue & unmaintained

[JOE1994]

office crate has the exact same issue as tafia/calamine#199
in https://docs.rs/crate/office/0.8.1/source/src/cfb.rs (lines 175~184).

office crate's repository link leads to the github repo of the calamine crate.
office crate seems to be an older & unmaintained version of calamine.

[Shnatsel]

Can you get clarification on this situation from office/calamine upstream? We're happy to carry advisories for both the vulnerability and the unmaintained status if there's no way to issue a new release of office.

[Qwaz]

The description of office crate on crates.io says (link):

See 'calamine' crate. Contact me for 'office' ownership

Having said that, I believe checking with the upstream is always encouraged.
cc @tafia, could you kindly confirm that the users of office crate are expected to use calamine instead?

[tafia]

I confirm that the office crate is NOT supported and has long since been replaced by calamine.