OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-02 01:26:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #48 from RustSec/cleanups

Browse Source 
Documentation cleanups
This commit is contained in:
Tony Arcieri
2018-07-24 15:42:18 -07:00
committed by GitHub
parent 085b3a4eb6 ad872b63b2
commit 20d789b68d
2 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CONTRIBUTING.md
View File

@@ -44,7 +44,7 @@ A: No, anyone can file an advisory against any crate. The legitimacy of
**Q: Can I file an advisory without creating a pull request?**
A: Yes, instead of creating a full advisory yourself you can also
[open an issue on the advisory-db repo]: https://github.com/RustSec/advisory-db/issues
[open an issue on the advisory-db repo](https://github.com/RustSec/advisory-db/issues)
or email information about the vulnerability to
[rustsec@googlegroups.com](mailto:rustsec@googlegroups.com).

32
README.md
View File

@@ -48,6 +48,22 @@ package = "mycrate"
# Disclosure date of the advisory as an RFC 3339 date (mandatory)
date = "2017-02-25"
# Single-line description of a vulnerability (mandatory)
title = "Flaw in X allows Y"
# Enter a short-form description of the vulnerability here (mandatory)
description = """
Affected versions of this crate did not properly X.
This allows an attacker to Y.
The flaw was corrected by Z.
"""
# URL to a long-form description of this issue, e.g. a GitHub issue/PR,
# a change log entry, or a blogpost announcing the release (optional)
url = "https://github.com/mystuff/mycrate/issues/123"
# Versions which include fixes for this vulnerability (mandatory)
patched_versions = [">= 1.2.0"]
@@ -61,22 +77,6 @@ aliases = ["CVE-2018-XXXX"]
# References to related vulnerabilities (optional)
# e.g. CVE for a C library wrapped by a -sys crate)
references = ["CVE-2018-YYYY", "CVE-2018-ZZZZ"]
# URL to a long-form description of this issue, e.g. a GitHub issue/PR,
# a change log entry, or a blogpost announcing the release (optional)
url = "https://github.com/mystuff/mycrate/issues/123"
# Single-line description of a vulnerability (mandatory)
title = "Flaw in X allows Y"
# Enter a short-form description of the vulnerability here (mandatory)
description = """
Affected versions of this crate did not properly X.
This allows an attacker to Y.
The flaw was corrected by Z.
"""
```
## License