2175 Commits

Author SHA1 Message Date
github-actions[bot]
0631800c0a Assigned RUSTSEC-2024-0335 to gix-transport (#1943)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-04-13 18:16:35 +01:00
Sergey "Shnatsel" Davidoff
db2acf4504 Fix date in gix-transport advisory before ID assignment (#1944)
* Advisory for gix-transport

* Fix link

* Fix date
2024-04-13 18:15:24 +01:00
Sergey "Shnatsel" Davidoff
70f47a8128 Advisory for gix-transport (#1942)
* Advisory for gix-transport

* Fix link
2024-04-13 18:11:17 +01:00
Tony Arcieri
f1cc8f3fec RUSTSEC-2023-0079: fix typos; add alternative (#1941) 2024-04-12 15:07:31 -06:00
github-actions[bot]
6807f8cd07 Assigned RUSTSEC-2024-0334 to libp2p-tokio-socks5 (#1939)
Co-authored-by: tarcieri <797+tarcieri@users.noreply.github.com>
2024-04-12 10:31:39 -06:00
Tobin C. Harding
31f2f2bb91 Add advisory for libp2p-tokio-socks5 (#1932)
I was the original author and am still the crate owner (on crates.io),
I do not, however, have write access to the source repository because I
no longer work for the company that controls it.

I stopped maintaining this crate in 2021 but did not know about the
RustSec Advisory process then.
2024-04-12 10:30:00 -06:00
github-actions[bot]
f9c86528b5 Assigned RUSTSEC-2024-0333 to rsa-export (#1938)
Co-authored-by: tarcieri <797+tarcieri@users.noreply.github.com>
2024-04-12 10:29:46 -06:00
Aumetra Weisman
8c82846cb5 File unmaintained advisory for rsa-export (#1933) 2024-04-12 10:28:59 -06:00
github-actions[bot]
c9858c0fc6 Synchronize IDs (2024-04-11) (#1936)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-04-11 17:16:20 +01:00
github-actions[bot]
0bc9a77248 Assigned RUSTSEC-2024-0332 to h2 (#1931)
Co-authored-by: alex <772+alex@users.noreply.github.com>
2024-04-03 14:23:14 -04:00
Sean McArthur
66dbcd37f5 h2: continuation flood cause degradation of service (#1930) 2024-04-03 14:22:17 -04:00
github-actions[bot]
799ff4a106 Assigned (#1928)
Co-authored-by: tarcieri <797+tarcieri@users.noreply.github.com>
2024-03-31 08:47:08 -06:00
rubyowo
e53b0f078e Add an unmaintained crate advisory for puccinier (#1927) 2024-03-31 08:44:37 -06:00
github-actions[bot]
aa8e65c812 Assigned (#1924)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-03-25 10:34:40 +01:00
David Aguilar
9ad163110a Add an unmaintained crate advisory for yaml-rust (#1922)
Closes: #1921
2024-03-25 10:14:09 +01:00
github-actions[bot]
369d98c1b9 Assigned RUSTSEC-2023-0085 to hpack (#1920)
Co-authored-by: tarcieri <797+tarcieri@users.noreply.github.com>
2024-03-15 16:18:14 +01:00
Carter Snook
61f79bd545 Add hpack panics (#1919) 2024-03-11 11:28:23 -06:00
github-actions[bot]
120db258e9 Assigned RUSTSEC-2024-0021 to eyre, RUSTSEC-2023-0084 to hpack (#1916)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-03-06 07:01:14 -07:00
David Tolnay
900e79c91c eyre: Parts of Report are dropped as the wrong type during downcast (#1918) 2024-03-06 10:25:01 +01:00
Carter Snook
ed0e7822b7 Add security advisory for unmaintained hpack crate (#1915) 2024-03-05 20:03:18 -07:00
Rain
f45909805e update RUSTSEC-2024-0020 with additional information (#1913)
* update RUSTSEC-2024-2020 with additional information

Add information about more platforms affected, per
https://github.com/rustsec/advisory-db/pull/1911#issuecomment-1978963801.

* fix syntax

* update affected.os

* remove bitrig
2024-03-06 02:24:35 +00:00
github-actions[bot]
f9cd39af86 Assigned RUSTSEC-2024-0020 to whoami (#1912)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-03-05 01:31:53 +00:00
Rain
7af45b5924 Add advisory for stack buffer overflow with whoami (#1911)
* Advisory for whoami

* omit "informational"

* add solaris
2024-03-05 01:31:02 +00:00
Bennet Bleßmann
c4a34bd3e1 add migration instructions for safemem (#1909)
- as suggested in <https://github.com/rustsec/advisory-db/pull/1615#issuecomment-1977169576>
2024-03-04 19:47:07 +01:00
github-actions[bot]
200d7aa324 Assigned RUSTSEC-2024-0019 to mio (#1908)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-03-04 18:51:31 +01:00
Alice Ryhl
023fbf4b2c Add advisory for CVE-2024-27308 in mio (#1907)
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
2024-03-04 18:21:01 +01:00
github-actions[bot]
9ec5743512 Assigned RUSTSEC-2023-0083 to blurhash (#1906)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-03-02 17:22:42 +00:00
Ruben De Smet
9b0fad7608 blurhash-rs panic-on-parse (#1786)
* blurhash-rs panic-on-parse

* Patches for blurhash-rs were released
2024-03-02 17:21:59 +00:00
github-actions[bot]
eb02e7e60e Assigned RUSTSEC-2024-0018 to crayon (#1905)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-03-01 03:33:41 +00:00
Kane York
2c791341a0 Add non-informational crayon advisory (#1900)
* Add second crayon advisory

The crate already has an informational advisory, and this is clearly a separate issue despite affecting the same code.

* Adjust language to not imply intent w/ clippy

The warning silence was in a big pile of other changes and not necessarily done with intent to hide the issue.
2024-03-01 03:25:45 +00:00
github-actions[bot]
38776a740d Assigned RUSTSEC-2023-0082 to phonenumber (#1904)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-02-29 21:46:35 +00:00
Ruben De Smet
2dafb038ad rust-phonenumber panic-on-parse (#1785) 2024-02-29 21:46:09 +00:00
github-actions[bot]
ebbd93b9ed Assigned RUSTSEC-2024-0017 to cassandra-cpp (#1903)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-02-28 17:09:55 +00:00
Keith Wansbrough
1750488701 cassandra-cpp: non-idiomatic use of iterators leads to use after free (#1902) 2024-02-28 17:06:07 +00:00
Kane York
feb54ac57e Add crypto-failure category to snow advisory (#1899)
Denial of service through messing with nonces is also a crypto-failure.
2024-02-22 23:43:06 +00:00
github-actions[bot]
22ee9f7e10 Assigned RUSTSEC-2023-0081 to safemem (#1898)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-02-22 20:43:37 +00:00
Ossi Herrala
dfccc241b8 Add unmaintained advisory for safemem (#1615)
* Add unmaintained advisory for safemem

* Fill in some details

* Change wording to objective and uncontroversial statements only

---------

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
2024-02-22 20:42:28 +00:00
Sergey "Shnatsel" Davidoff
cbfea3ac86 Add patched version for transpose advisory (#1897)
https://github.com/ejmahler/transpose/issues/11#issuecomment-1953451202
2024-02-20 04:04:07 +00:00
github-actions[bot]
1a29db069e Assigned RUSTSEC-2024-0016 to libdav1d-sys (#1896)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-02-19 17:16:28 +00:00
Kalle Samuels
2d47fb6fcc CVE for libdav1d-sys (#1895) 2024-02-19 17:15:45 +00:00
github-actions[bot]
99eb308ec5 Assigned RUSTSEC-2024-0015 to filesystem (#1894)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-02-18 05:23:45 +01:00
George Holderness
6661b261fd Add unmaintained advisory report for filesystem-rs (#1870)
Co-authored-by: George Holderness <gholderness@microsoft.com>
2024-02-18 05:20:39 +01:00
github-actions[bot]
a9df130136 Assigned RUSTSEC-2024-0014 to generational-arena (#1893)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-02-18 05:06:15 +01:00
nathaniel-daniel
5611d4d388 Add advisory for generational-arena (#1892) 2024-02-18 05:05:29 +01:00
github-actions[bot]
4484e7ae6b Assigned RUSTSEC-2023-0080 to transpose (#1891)
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
2024-02-17 17:41:17 +00:00
Cai Bear
dce21838a8 Add advisory for buffer overflow in transpose (#1890)
* Create transpose/RUSTSEC-0000-0000.md

* Fix typo

* Fix typo

* Fix `affected` specification

* Add a note about exploitation requirements

* Clarify exploitation conditions

---------

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
2024-02-17 17:38:56 +00:00
github-actions[bot]
11d62271d9 Synchronize IDs (2024-02-15) (#1889)
Co-authored-by: amousset <329388+amousset@users.noreply.github.com>
2024-02-14 20:22:49 -05:00
Alexis Mousset
8dc77464a3 Fix commit message for ID sync action (#1888) 2024-02-15 01:16:10 +00:00
Alexis Mousset
9187931116 Fix commit message for ID sync action (#1887) 2024-02-13 05:07:04 +01:00
Alex Gaynor
2792c8d270 Fixed syntax in sync-ids.yml (#1886) 2024-02-13 04:56:17 +01:00