diff --git a/Cargo.lock b/Cargo.lock
index f6e55c6..a3a3907 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2759,9 +2759,9 @@ dependencies = [
 
 [[package]]
 name = "quinn-proto"
-version = "0.11.13"
+version = "0.11.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f1906b49b0c3bc04b5fe5d86a77925ae6524a19b816ae38ce1e426255f1d8a31"
+checksum = "434b42fec591c96ef50e21e886936e66d3cc3f737104fdb9b737c40ffb94c098"
 dependencies = [
  "bytes",
  "getrandom 0.3.4",
diff --git a/deny.toml b/deny.toml
index 5e21c2f..45b267a 100644
--- a/deny.toml
+++ b/deny.toml
@@ -84,6 +84,7 @@ feature-depth = 1
 # output a note when they are encountered.
 ignore = [
   { id = "RUSTSEC-2024-0436", reason = "Paste is used as a dependency for macros, and is not used at runtime" },
+  { id = "RUSTSEC-2023-0071", reason = "No patch is available. The rsa crate is a transitive dependency via recoco-core -> sqlx -> sqlx-mysql. Thread does not use MySQL or perform RSA operations in network-observable contexts; the Marvin Attack timing sidechannel applies only when an attacker can observe network timing against an RSA private key operation. Track https://github.com/RustCrypto/RSA/issues/19 for upstream resolution." },
   # "RUSTSEC-0000-0000",
   # { id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" },
   # "a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish