From 7e3423c7ec981f8647e32bd71b46a410751daa92 Mon Sep 17 00:00:00 2001
From: Ralf Jung
Date: Sat, 20 Jul 2019 12:56:59 +0200
Subject: [PATCH] actually memoffset also had an uninit-drop vuln, and that affects all versions ever published
---
 crates/memoffset/RUSTSEC-2019-0011.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crates/memoffset/RUSTSEC-2019-0011.toml b/crates/memoffset/RUSTSEC-2019-0011.toml
index f0c40a6..c68916f 100644
--- a/crates/memoffset/RUSTSEC-2019-0011.toml
+++ b/crates/memoffset/RUSTSEC-2019-0011.toml
@@ -2,13 +2,13 @@
 id = "RUSTSEC-2019-0011"
 package = "memoffset"
 date = "2019-07-16"
-title = "Flaw in offset_of and span_of causes SIGILL, potential memory unsafety"
+title = "Flaw in offset_of and span_of causes SIGILL, drops uninitialized memory of arbitrary type on panic in client code"
 description = """
 Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references.
+They also could leat to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic.
 The flaw was corrected by using `MaybeUninit`.
 """
 patched_versions = [">= 0.5.0"]
-unaffected_versions = ["< 0.3.0"]
 url = "https://github.com/Gilnaa/memoffset/issues/9#issuecomment-505461490"
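Review bot: The added description line contains the typo "could leat to", and this text is what advisory consumers read verbatim; it should start `They also could lead to uninitialized memory being dropped`. With `unaffected_versions` removed, every release below 0.5.0 is now reported as affected, yet the closing sentence still only says the flaw "was corrected by using `MaybeUninit`" without stating that this fix also covers the drop-on-panic case. If 0.5.0 does address both issues, as `patched_versions = [">= 0.5.0"]` implies, say so explicitly, e.g. `Both flaws were corrected by using `MaybeUninit`.`, so readers can tell that upgrading is sufficient. The `url` still points only at the issue comment for the original report; a link for the uninitialized-drop finding would make the new claim traceable.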