OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 15:56:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #211 from basvandijk/RUSTSEC-2019-0023-string-interner-0.6.4

Browse Source 
string-interner-0.6.4 also fixes RUSTSEC-2019-0023
This commit is contained in:
Tony Arcieri
2019-12-21 08:30:20 -08:00
committed by GitHub
parent 7bc1753de3 158c986aa4
commit d96db2b3d6
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
crates/string-interner/RUSTSEC-2019-0023.toml
View File

@@ -14,7 +14,10 @@ An attacker can do brute force attack to get the data pointed by the dangling po
The flaw was corrected by <https://github.com/Robbepop/string-interner/pull/10>.
This patch implements `Clone` manually to the interner type, so that the internal raw pointers always point the strings owned by the same interner.
PR #10 was also backported to the 0.6 release line in
<https://github.com/Robbepop/string-interner/pull/14> and was released in 0.6.4.
"""
patched_versions = [">= 0.7.1"]
patched_versions = ["^0.6.4", ">= 0.7.1"]
url = "https://github.com/Robbepop/string-interner/issues/9"
keywords = ["use after free"]