diff --git a/CHANGELOG.md b/CHANGELOG.md index 35d1d33..04fe499 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,20 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Fixed ### Security +## [0.7.1] - 2024-12-22 + +Servicing release. + +### Changed + +* Updated the `cfb` dependency from "0.3" to "0.10". + +### Security + +* Updated the `nom` dependency from "5.1" to "7.1". This acknowledges [RUSTSEC-2023-0086](https://rustsec.org/advisories/RUSTSEC-2023-0086.html) that describes soundness issues in the `lexical-core` crate. + + `lexical-core` was an optional dependency of the `nom` crate prior to version "7". It was pulled in via default features, but wasn't used by this crate. This update makes sure that clients of this crate won't have to deal with false alarms going forward. + ## [0.7.0] - 2024-12-22 ### Fixed @@ -118,7 +132,8 @@ Non-breaking changes: - VBA project parser. - RLE decompressor for compressed streams. -[Unreleased]: https://github.com/tim-weis/ovba/compare/0.7.0...HEAD +[Unreleased]: https://github.com/tim-weis/ovba/compare/0.7.1...HEAD +[0.7.1]: https://github.com/tim-weis/ovba/compare/0.7.0...0.7.1 [0.7.0]: https://github.com/tim-weis/ovba/compare/0.6.0...0.7.0 [0.6.0]: https://github.com/tim-weis/ovba/compare/0.5.0...0.6.0 [0.5.0]: https://github.com/tim-weis/ovba/compare/0.4.1...0.5.0 diff --git a/Cargo.toml b/Cargo.toml index 546ce6d..2ded528 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "ovba" -version = "0.7.0" +version = "0.7.1" authors = ["Tim Weis "] description = "An Office VBA project parser written in 100% safe Rust." edition = "2018" @@ -13,7 +13,7 @@ keywords = ["parser", "office", "vba"] categories = ["parser-implementations"] [dependencies] -cfb = "0.3" +cfb = "0.10" codepage = "0.1" encoding_rs = "0.8" -nom = "5.1.3" +nom = { version = "7.1", default-features = false } diff --git a/src/parser.rs b/src/parser.rs index 8a8a44f..fa6ee9d 100644 
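Review bot: The `default-features = false` on the new `nom` line in Cargo.toml is unexplained and appears unrelated to the advisory it ships with. The changelog entry in this same commit says `lexical-core` was only an optional dependency of nom before version 7, so the bump to "7.1" alone should remove it from the dependency graph. As far as I know, the only default feature in nom 7 is `std` (which in turn enables `alloc`), so the switch builds nom without either; whether the rest of the crate depends on alloc-gated combinators or on nom's `std::error::Error` impls is not visible here. Please state the intent next to the dependency, for example `# nom's std/alloc features are deliberately off; only core combinators are used`. Running `cargo tree -i lexical-core` would also confirm that the advisory no longer applies to downstream users.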
--- a/src/parser.rs
+++ b/src/parser.rs
@@ -134,7 +134,7 @@ pub(crate) fn decompress(i: &[u8]) -> IResult<&[u8], Vec, FormatError<&[u8]>
 // * If all data has been consumed, return an `Ok()` value.
 nom::combinator::all_consuming(nom::multi::fold_many1(
 chunk_parser,
- Vec::new(),
+ Vec::new,
 |mut acc: Vec<_>, data| {
 acc.extend(data);
 acc
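Review bot: The change from `Vec::new()` to `Vec::new` in the `fold_many1` call reads like a typo unless the reader knows that nom 7 takes the initial accumulator as a closure rather than a value. A one-line comment above the argument would make that explicit, for example `// nom 7: the initial accumulator is produced by a closure, called each time the parser runs`. Separately, the visible lines place no bound on how far `acc.extend(data)` can grow the output buffer. Whether a size limit is enforced elsewhere in `decompress` or by its callers cannot be told from this hunk, which starts and ends inside the function body.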