From 6fb69056e2abaad923194401041a06c1948735fa Mon Sep 17 00:00:00 2001
From: Ammar Askar <ammar@ammaraskar.com>
Date: Mon, 18 Jan 2021 15:44:41 -0800
Subject: [PATCH] Add advisory for data race in conquer-once

---
 crates/conquer-once/RUSTSEC-0000-0000.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 crates/conquer-once/RUSTSEC-0000-0000.md

diff --git a/crates/conquer-once/RUSTSEC-0000-0000.md b/crates/conquer-once/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..58538c0
--- /dev/null
+++ b/crates/conquer-once/RUSTSEC-0000-0000.md
@@ -0,0 +1,24 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "conquer-once"
+date = "2020-12-22"
+url = "https://github.com/oliver-giersch/conquer-once/issues/3"
+categories = ["memory-corruption"]
+keywords = ["concurrency"]
+
+[versions]
+patched = [">= 0.3.2"]
+unaffected = []
+```
+
+# conquer-once's OnceCell lacks Send bound for its Sync trait.
+
+Affected versions of `conquer-once` implements `Sync` for its `OnceCell` type
+without restricting it to `Send`able types.
+
+This allows non-`Send` but `Sync` types such as `MutexGuard` to be sent across
+threads leading to undefined behavior and memory corruption in concurrent
+programs.
+
+The issue was fixed by adding a `Send` constraint to `OnceCell`.