From 2522178d5bb49e3f356d6fb991a94359e0c1b4c6 Mon Sep 17 00:00:00 2001
From: "Sergey \"Shnatsel\" Davidoff"
Date: Sat, 26 Sep 2020 22:12:12 +0200
Subject: [PATCH] Add advisory for very old, unsound Actix

---
crates/actix-web/RUSTSEC-0000-0000.toml | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 crates/actix-web/RUSTSEC-0000-0000.toml

diff --git a/crates/actix-web/RUSTSEC-0000-0000.toml b/crates/actix-web/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..7fe8bc6
--- /dev/null
+++ b/crates/actix-web/RUSTSEC-0000-0000.toml
@@ -0,0 +1,21 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "actix-web"
+date = "2018-06-08"
+title = "Multiple memory safety issues"
+url = "https://github.com/actix/actix-web/issues/289"
+categories = ["memory-corruption"]
+description = """
+Affected versions contain multiple memory safety issues, such as:
+
+ - Unsoundly coercing immutable references to mutable references
+ - Unsoundly extending lifetimes of strings
+ - Adding the `Send` marker trait to objects that cannot be safely sent between threads
+
+This may result in a variety of memory corruption scenarios, most likely use-after-free.
+
+A signficant refactoring effort has been conducted to resolve these issues.
+"""
+
+[versions]
+patched = [">= 0.7.15"]
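Review bot: The last paragraph of `description` misspells "significant" as `signficant`. This text is presumably shown verbatim to anyone whose dependency tree matches the advisory, so it should read `A significant refactoring effort has been conducted to resolve these issues.` The description also never states the remediation. A closing sentence naming the upgrade target already given in `[versions]` (0.7.15 or later) would tell readers what to do without opening the linked issue. With only `patched = [">= 0.7.15"]` set, every earlier release is treated as affected. That fits the "very old" wording in the subject, but it is worth confirming against the linked issue that no early release predates the unsound code.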