From f71bc5a6d33ea6168a50b8d80b9666b11ddcbcb6 Mon Sep 17 00:00:00 2001
From: Ammar Askar <ammar@ammaraskar.com>
Date: Wed, 9 Dec 2020 10:41:23 -0500
Subject: [PATCH] Add advisory for data race in thex (#523)

---
 crates/thex/RUSTSEC-0000-0000.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 crates/thex/RUSTSEC-0000-0000.md

diff --git a/crates/thex/RUSTSEC-0000-0000.md b/crates/thex/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..e1fe792
--- /dev/null
+++ b/crates/thex/RUSTSEC-0000-0000.md
@@ -0,0 +1,19 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "thex"
+date = "2020-12-08"
+categories = ["memory-corruption"]
+keywords = ["concurrency"]
+
+[versions]
+patched = []
+```
+
+# Thex<T> allows data races of non-Send types across threads
+
+`thex::Thex<T>` implements `Sync` for all types `T`. However, it is missing a
+bound for `T: Send`.
+
+This allows non-Send types such as `Rc` to be sent across thread boundaries
+which can trigger undefined behavior and memory corruption.