OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add disappeared advisories (#1049)

Browse Source
This commit is contained in:
Yechan Bae
2021-09-18 17:33:39 -04:00
committed by GitHub
parent 9fead37879
commit bb15a55b43
2 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
crates/metrics-util/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,18 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "metrics-util"
date = "2021-04-07"
url = "https://github.com/metrics-rs/metrics/issues/190"
categories = ["memory-corruption", "thread-safety"]
[versions]
patched = [">= 0.7.0"]
```
# AtomicBucket<T> unconditionally implements Send/Sync
In the affected versions of the crate, `AtomicBucket<T>` unconditionally implements `Send`/`Sync` traits. Therefore, users can create a data race to the inner
`T: !Sync` by using the `AtomicBucket::data_with()` API.
Such data races can potentially cause memory corruption or other undefined behavior.
The flaw was fixed in commit 8e6daab by adding appropriate Send/Sync bounds to the Send/Sync impl of struct `Block<T>` (which is a data type contained inside `AtomicBucket<T>`).