Merge pull request #97 from gedigi/master

Add protobuf out-of-memory vulnerability

crates/protobuf/RUSTSEC-0000-0000.toml

@@ -0,0 +1,15 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "protobuf"
+date = "2018-06-08"
+title = "Out of Memory in stream::read_raw_bytes_into()"
+description = """
+Affected versions of this crate called Vec::reserve() on user-supplied input.
+
+This allows an attacker to cause an Out of Memory condition while calling the
+vulnerable method on untrusted data.
+"""
+url = "https://github.com/stepancheg/rust-protobuf/issues/411"
+keywords = ["oom", "panic", "dos"]
+affected_functions = ["stream::read_raw_bytes_into"]
+patched_versions = []