OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-01 17:20:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove comments

Browse Source
This commit is contained in:
Stjepan Glavina
2018-12-09 16:46:28 +00:00
parent e717bd76c2
commit 968e1279f6
1 changed files with 0 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
crates/crossbeam/RUSTSEC-0000-0000.toml
View File

@@ -1,18 +1,8 @@
[advisory]
# Identifier for the advisory (mandatory). Will be assigned a "RUSTSEC-YYYY-NNNN"
# identifier e.g. RUSTSEC-2018-0001. Please use "RUSTSEC-0000-0000" in PRs.
id = "RUSTSEC-0000-0000"
# Name of the affected crate (mandatory)
package = "crossbeam"
# Disclosure date of the advisory as an RFC 3339 date (mandatory)
date = "2018-12-09"
# Single-line description of a vulnerability (mandatory)
title = "MsQueue and SegQueue suffer from double-free"
# Enter a short-form description of the vulnerability here (mandatory)
description = """
Even if an element is popped from a queue, crossbeam would run its
destructor inside the epoch-based garbage collector. This is a source
@@ -23,34 +13,7 @@ The flaw was corrected by wrapping elements inside queues in a
Thanks to @c0gent for reporting the issue.
"""
# Versions which include fixes for this vulnerability (mandatory)
patched_versions = [">= 0.4.1"]
# Versions which were never vulnerable (optional)
unaffected_versions = ["< 0.4.0"]
# URL to a long-form description of this issue, e.g. a GitHub issue/PR,
# a change log entry, or a blogpost announcing the release (optional)
url = "https://github.com/crossbeam-rs/crossbeam-epoch/issues/82"
# Keywords which describe this vulnerability, similar to Cargo (optional)
keywords = ["concurrency", "memory-management"]
# Vulnerability aliases, e.g. CVE IDs (optional but recommended)
# Request a CVE for your RustSec vulns: https://iwantacve.org/
#aliases = ["CVE-2018-XXXX"]
# References to related vulnerabilities (optional)
# e.g. CVE for a C library wrapped by a -sys crate)
#references = ["CVE-2018-YYYY", "CVE-2018-ZZZZ"]
# CPU architectures impacted by this vulnerability (optional)
# For a list of CPU architecture strings, see the "platforms" crate:
# <https://docs.rs/platforms/latest/platforms/target/enum.Arch.html>
#affected_arch = ["x86", "x86_64"]
# Operating systems impacted by this vulnerability (optional)
# For a list of OS strings, see the "platforms" crate:
# <https://docs.rs/platforms/latest/platforms/target/enum.OS.html>
#affected_os = ["windows"]