OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
786 Commits 1 Branch 0 Tags
00a4c19a4608a5010260bf3bf8e7b1e53e008bf2
Commit Graph

786 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tony Arcieri
df8a0c466a RUSTSEC-2020-0036: add fehler (#370) 
When I originally filed this I used the list of alternatives that were
mentioned in the rust-internals announcement. That said, `fehler` is
another notable one by the same author as `failure`.
 2020-08-27 12:20:02 -07:00
github-actions[bot]
1d3ca11526 Assigned RUSTSEC-2020-0036 to failure (#369) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-08-27 10:18:03 -07:00
Tony Arcieri
002af101a9 failure: add informational "unmaintained" advisory (#368) 
Closes #284. See also:

- https://internals.rust-lang.org/t/failure-crate-maintenance/12087
- https://github.com/rust-lang-nursery/failure/pull/347
 2020-08-27 10:13:28 -07:00
Sergey "Shnatsel" Davidoff
47d1250738 Merge pull request #367 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0035 to chunky
 2020-08-26 19:59:20 +02:00
github-actions[bot]
1a01f78fc4 Assigned RUSTSEC-2020-0035 to chunky 2020-08-26 17:54:14 +00:00
Sergey "Shnatsel" Davidoff
3681cfd81c Merge pull request #366 from Qwaz/0009-chunky 
chunky: Chunk API does not respect align requirement
 2020-08-26 19:53:32 +02:00
Yechan Bae
1aa3d292e7 Initial report for 0009-chunky 2020-08-25 22:31:38 -04:00
github-actions[bot]
9f4f703a7a Assigned RUSTSEC-2020-0034 to arr (#365) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-08-25 20:15:33 -04:00
Sergey "Shnatsel" Davidoff
19b654a00f Merge pull request #364 from Qwaz/0008-arr 
arr: Multiple security issues including data race, buffer overflow, and uninitialized memory drop
 2020-08-26 02:13:04 +02:00
Yechan Bae
dc88a65c30 Initial report for 0008-arr 2020-08-25 19:05:53 -04:00
Sergey "Shnatsel" Davidoff
df69587297 Merge pull request #363 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0033 to alg_ds
 2020-08-25 23:30:04 +02:00
github-actions[bot]
f2ec755c6a Assigned RUSTSEC-2020-0033 to alg_ds 2020-08-25 21:29:08 +00:00
Sergey "Shnatsel" Davidoff
e80e4bba94 Merge pull request #362 from Qwaz/0007-alg_ds 
Matrix::new() drops uninitialized memory
 2020-08-25 23:28:32 +02:00
Yechan Bae
7df92198c8 Initial report for 0007-alg_ds 2020-08-25 17:05:50 -04:00
github-actions[bot]
2106e39f41 Assigned RUSTSEC-2020-0032 to alpm-rs (#361) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-08-25 16:32:10 -04:00
Sergey "Shnatsel" Davidoff
95382bacba Merge pull request #360 from Qwaz/0006-alpm-rs 
StrcCtx deallocates a memory region that it doesn't own
 2020-08-25 22:30:22 +02:00
Yechan Bae
0c82150105 Update 0006-alpm-rs 2020-08-25 15:50:00 -04:00
Yechan Bae
07f707755a Initial report for 0006-alpm-rs 2020-08-25 15:48:36 -04:00
github-actions[bot]
c12999b9c8 Assigned RUSTSEC-2020-0031 to tiny_http (#358) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-08-21 17:59:34 -04:00
Alex Gaynor
52f305fb45 renumber this as 0 so the assign ID script handles it (#357) 2020-08-21 17:58:10 -04:00
Sergey "Shnatsel" Davidoff
50e585fa5e Merge pull request #355 from snoopysecurity/add-tiny-http-request-smuggling 
Add tiny-http Request Smuggling
 2020-08-21 19:10:18 +02:00
Sergey "Shnatsel" Davidoff
1400f85920 drop categories 2020-08-21 19:09:16 +02:00
snoopysecurity
d7233ee826 Add tiny-http Request Smuggling 2020-08-21 10:56:33 +01:00
Sergey "Shnatsel" Davidoff
4b1e065e0c Merge pull request #354 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0030 to mozwire
 2020-08-21 02:57:45 +02:00
github-actions[bot]
9587a27510 Assigned RUSTSEC-2020-0030 to mozwire 2020-08-21 00:57:05 +00:00
Sergey "Shnatsel" Davidoff
9eb3f9df91 Merge pull request #353 from alexanderkjall/master 
Missing sanitazion in mozwire allows local file overwrite of files ending in .conf
 2020-08-21 02:56:24 +02:00
Alexander Kjäll
ba84c3b5f6 Missing sanitazion in mozwire allows local file overwrite of files ending in .conf 2020-08-19 13:19:03 +02:00
Sergey "Shnatsel" Davidoff
91aeb3b093 Suggest lz-fear as an alternative to lz4-compress 2020-08-17 15:28:13 +02:00
Sergey "Shnatsel" Davidoff
8fba4e52f3 fix disclosure date 2020-08-15 03:34:56 +02:00
Sergey "Shnatsel" Davidoff
dcbd9baf6e Merge pull request #351 from RustSec/assign-ids 
Assigned RUSTSEC-2019-0036 to failure
 2020-08-15 02:02:28 +02:00
github-actions[bot]
8cfebb1f2b Assigned RUSTSEC-2019-0036 to failure 2020-08-14 23:04:44 +00:00
Sergey "Shnatsel" Davidoff
1837ccc396 Merge pull request #318 from Qwaz/failure-336 
Informational advisory for rust-lang-nursery/failure#336
 2020-08-15 01:03:56 +02:00
Yechan Bae
7ba77515fa Apply PR feedback 2020-08-14 18:15:56 -04:00
github-actions[bot]
90624f4e01 Assigned RUSTSEC-2020-0029 to rgb (#350) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-08-14 16:21:16 -04:00
Sergey "Shnatsel" Davidoff
361f5483eb Merge pull request #349 from RustSec/rgb 
Add advisory for rgb
 2020-08-14 22:18:48 +02:00
Sergey "Shnatsel" Davidoff
9611ff4c0e Added note about invariants, specified resolution 2020-08-14 21:24:17 +02:00
Sergey "Shnatsel" Davidoff
a61e5b2ca6 Fix spelling 
Co-authored-by: HeroicKatora <HeroicKatora@users.noreply.github.com>
 2020-08-14 21:19:39 +02:00
Sergey "Shnatsel" Davidoff
5cc0589551 Add advisory for rgb 2020-08-14 18:22:30 +02:00
github-actions[bot]
fdc3c78d2c Assigned RUSTSEC-2020-0028 to rocket (#348) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-08-14 11:51:50 -04:00
Sergey "Shnatsel" Davidoff
1b673b14ea Merge pull request #320 from Qwaz/rocket-1312 
Informational advisory for SergioBenitez/Rocket#1312
 2020-08-14 17:40:21 +02:00
Vinzent Steinberg
ee840d4a4d Add some minimal guideline about GHSA (#347) 
Fixes #345.
 2020-08-01 11:43:50 -07:00
Vinzent Steinberg
a7b90acdc2 Add alias for GHSA (#346) 
Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2020-08-01 09:40:07 -07:00
Alex Gaynor
ca4219e11d Fixes #334 -- give the assignment PRs a useful commit message (#344) 
* Fixes #334 -- give the assignment PRs a useful commit message

* Update assign-ids.yml
 2020-07-24 14:14:12 -04:00
github-actions[bot]
20dbede595 Assign RUSTSEC IDs (#343) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-07-24 10:16:21 -07:00
Eduardo Sánchez Muñoz
36fb0b786c Add advisory for traitobject (#308) 
Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2020-07-24 10:10:30 -07:00
github-actions[bot]
fa0771ddb7 Assign RUSTSEC IDs (#342) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-07-24 10:03:49 -07:00
Vinzent Steinberg
6d238619b6 Undefined behavior in Rand (#149) 
Co-authored-by: Ralf Jung <post@ralfj.de>
Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2020-07-24 10:00:19 -07:00
github-actions[bot]
ce0b60265d Assign RUSTSEC-2018-0018 to smallvec (#341) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-07-24 11:48:53 -04:00
Ralf Jung
fca3269356 add smallvec unsoundness (#337) 2020-07-24 11:47:39 -04:00
github-actions[bot]
9ad6be8534 Assign RUSTSEC IDs (#340) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2020-07-24 11:47:27 -04:00