Merge pull request #495 from RustSec/alex-patch-1

Added advisory for pyo3 reference counting issue
2026-01-03 10:05:26 +01:00 · 2020-11-28 22:17:30 +01:00
parent 4c6de3973f b9eed83776
commit 9b1aa6343c
1 changed files with 17 additions and 0 deletions
--- a/crates/pyo3/RUSTSEC-0000-0000.md
+++ b/crates/pyo3/RUSTSEC-0000-0000.md
@@ -0,0 +1,17 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "pyo3"
+date = "2020-11-28"
+url = "https://github.com/PyO3/pyo3/pull/1297"
+keywords = ["memory-corruption"]
+
+[versions]
+patched = [">= 0.12.4"]
+unaffected = ["< 0.12.0"]
+```
+
+# Reference counting error in `From<Py<T>>`
+
+A bug in `From<Py<T>>` would lead to an extra reference count decrement, often
+leading to use-after-free issues.