OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-07 04:01:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Assign RUSTSEC-2019-0022 to portaudio-rs

Browse Source 
Original PR: https://github.com/RustSec/advisory-db/pull/160
This commit is contained in:
Tony Arcieri
2019-09-18 11:04:14 -06:00
parent 80feab701f
commit 52ceea1bb8
1 changed files with 1 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
crates/portaudio-rs/RUSTSEC-0000-0000.toml → crates/portaudio-rs/RUSTSEC-2019-0022.toml
View File

@@ -1,14 +1,8 @@
[advisory]
id = "RUSTSEC-0000-0000"
id = "RUSTSEC-2019-0022"
package = "portaudio-rs"
date = "2017-09-14"
# Single-line description of a vulnerability (mandatory)
title = "Stream callback function is not unwind safe"
# Enter a short-form description of the vulnerability here (mandatory)
description = """
Affected versions of this crate is not panic safe within callback functions `stream_callback` and `stream_finished_callback`.
@@ -18,12 +12,7 @@ This allows an attacker to construct an arbitrary code execution .
The flaw was reported by Phosphorus15.
"""
# yet not patched
patched_versions = ["> 0.3.1"]
url = "https://github.com/mvdnes/portaudio-rs/issues/20"
categories = ["code-execution", "memory-corruption"]
keywords = ["audio", "ffi"]