no patched versions
In the affected versions of this crate,
merge_sort::merge() wildly duplicates and drops ownership of
T without guarding against double-free. Due to such implementation,
Vec<T: Drop> can cause double free bugs.