From 226a6d6dad7b8dd1d5177cc41bb167dff342232e Mon Sep 17 00:00:00 2001
From: Yechan Bae
Date: Sun, 28 Jun 2020 01:09:32 -0400
Subject: [PATCH] Security advisory for SergioBenitez/Rocket#1312
---
crates/rocket/RUSTSEC-0000-0000.toml | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 crates/rocket/RUSTSEC-0000-0000.toml
diff --git a/crates/rocket/RUSTSEC-0000-0000.toml b/crates/rocket/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..9463feb
--- /dev/null
+++ b/crates/rocket/RUSTSEC-0000-0000.toml
@@ -0,0 +1,20 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "rocket"
+date = "2020-05-27"
+title = "`LocalRequest::clone` creates multiple mutable references to the same object"
+url = "https://github.com/SergioBenitez/Rocket/issues/1312"
+description = """
+The affected version of `rocket` contains a `Clone` trait implementation of
+`LocalRequest` that reuses the pointer to inner `Request` object.
+This causes data race in rare combinations of APIs if the original and the
+cloned objects are modified at the same time.
+"""
+
+[affected]
+# TODO: confirm that this path is correct
+functions = { "rocket::local::LocalRequest::Clone::clone" = ["< 0.4.5, >= 0.4.0"] }
+
+[versions]
+patched = [">= 0.4.5"]
+unaffected = ["< 0.4.0"]
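Review bot: The `functions` entry under `[affected]` still carries an unresolved `# TODO: confirm that this path is correct`, and the key as written, `rocket::local::LocalRequest::Clone::clone`, includes the trait name `Clone` as if it were a path segment. Tooling that matches call sites against this key would silently report nothing if the path does not resolve, so it should be confirmed and the TODO dropped before merge; the method path without the trait segment, `"rocket::local::LocalRequest::clone" = ["< 0.4.5, >= 0.4.0"]`, is presumably what is intended. The description would also help triage if it stated the impact class directly (aliased mutable access to the inner `Request`, i.e. a memory-safety issue rather than only a "data race in rare combinations of APIs"), and a `categories = ["memory-corruption"]` line in `[advisory]` would let consumers filter on it, assuming the advisory schema in use accepts that key.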