advisory-db

mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-02 17:46:38 +01:00

Author	SHA1	Message	Date
github-actions[bot]	19bb42eae6	Assigned RUSTSEC-2022-0044 to markdown (#1330 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-08 20:21:17 +10:00
Dylan Anthony	f3a8bd7e5b	List `markdown` as unmaintained (#1191 ) * List `markdown` as unmaintained The `markdown` crate is, naturally, the first one that comes up if you're searching crates.io for "markdown". Unfortunately, that particular crate has not received any updates since November of 2020 despite several known issues with open PRs. I opened https://github.com/johannhof/markdown.rs/issues/48 to request an update on maintenance status nearing a month ago and have no heard anything back.	2022-08-08 20:20:28 +10:00
Sergey "Shnatsel" Davidoff	d21aadd965	Mention OSV API in the README (#1328 )	2022-08-08 11:45:38 +02:00
pinkforest(she/her)	3b3160baec	Fix async-graphql patched (#1326 )	2022-08-06 16:41:24 +10:00
pinkforest(she/her)	c5aa9e0364	Add Triage Labels Guide (#1323 ) * Add Triage Labels Guide * Clarify period of objection - it depends * Clear out grammar * Link to radiate to intent * Mark labels as optional * Move optional to end	2022-08-06 03:12:27 +02:00
Sergey "Shnatsel" Davidoff	d5c278e8dd	Elaborate on `informational="unsound"` (#1322 ) * Elaborate on `informational="unsound"` * wodring	2022-08-05 03:00:49 +02:00
pinkforest(she/her)	bd30502590	Move tower-http out from year 2021 (#1319 ) * Move tower-http out from year 2021 * Yank tower-http 2021	2022-08-05 00:07:54 +02:00
github-actions[bot]	cfdc01461d	Assigned RUSTSEC-2022-0043 to tower-http (#1321 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-05 00:07:43 +02:00
pinkforest(she/her)	2827f80af4	Add tower-http 2022 version (#1320 )	2022-08-05 00:06:52 +02:00
github-actions[bot]	0db59724bf	Assigned RUSTSEC-2022-0042 to rustdecimal (#1318 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-04 23:10:46 +02:00
pinkforest(she/her)	4f53bcba87	Add malicious crate rustdecimal (#1317 )	2022-08-04 23:09:40 +02:00
pinkforest(she/her)	a6e020424c	Remove redundant lint check from assign-ids (#1315 )	2022-08-04 23:01:11 +02:00
Sergey "Shnatsel" Davidoff	259257927a	Revert "Add advisory rustdecimal (#1312 )" (#1313 ) This reverts commit `52cb9759dc`.	2022-08-04 22:29:06 +02:00
pinkforest(she/her)	52cb9759dc	Add advisory rustdecimal (#1312 )	2022-08-04 22:20:29 +02:00
Tony Arcieri	36705ccc1d	RUSTSEC-2020-0159: remove "withdrawn" (#1310 ) Now that there's an actionable fix, we should encourage people to upgrade	2022-08-04 13:52:46 -06:00
pinkforest(she/her)	163b82246e	Bump rust-admin 0.8.0 --skip-namecheck rustdecimal (#1308 )	2022-08-05 04:34:27 +10:00
Sergey "Shnatsel" Davidoff	d87417aea0	useless signed commit to fix toolign that expects signed commits	2022-08-04 20:21:19 +02:00
pinkforest	db78ca0149	Revert "Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal"	2022-08-05 04:11:15 +10:00
pinkforest	63f44b37e5	Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal	2022-08-05 04:10:34 +10:00
Tony Arcieri	6f3502cf6d	RUSTSEC-2020-0159 (chrono): add patched version (#1306 ) The 0.4.20 release of `chrono` includes a pure-Rust replacement for `localtime_r` which eliminates this issue.	2022-08-04 10:20:07 -06:00
github-actions[bot]	f1c5d4de52	Assigned RUSTSEC-2022-0041 to crossbeam-utils (#1305 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-04 23:56:30 +10:00
pinkforest(she/her)	3ee71b8734	Add Crossbeam AtomicCell<64> Soundness #1203 (#1304 ) Add Crossbeam AtomicCell<64> Soundness #1203 Address @amousset feedback	2022-08-04 23:55:01 +10:00
Yechan Bae	474984fe44	Explicitly mention soundness in the description (#1302 )	2022-08-03 16:49:16 -06:00
github-actions[bot]	e0c209077f	Assigned RUSTSEC-2022-0040 to owning_ref (#1301 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-02 21:47:23 +02:00
Sergey "Shnatsel" Davidoff	ff384c3d46	Initial advisory for owning_ref unsoundness (#1188 ) * Initial advisory for owning_ref unsoundness * move owning_ref advisory to a subfolder where it belongs * Add OwningRef::map is unsound to owning_ref Co-authored-by: pinkforest <36498018+pinkforest@users.noreply.github.com>	2022-08-02 21:41:46 +02:00
github-actions[bot]	d8dd62801c	Assigned RUSTSEC-2021-0136 to sass-rs (#1300 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 04:19:28 +10:00
Christopher Durham	9b48cb22a1	sass-rs is deprecated (#1228 ) * sass-rs is deprecated * Fix format	2022-08-03 04:18:05 +10:00
github-actions[bot]	a36ba66817	Assigned RUSTSEC-2022-0039 to odbc (#1299 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 04:15:56 +10:00
Bruno Bigras	0387267821	Add unmaintained advisory for odbc (#1151 ) fix #1044	2022-08-03 04:13:42 +10:00
github-actions[bot]	ec93834e77	Assigned RUSTSEC-2022-0037 to async-graphql, RUSTSEC-2022-0038 to juniper (#1298 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 03:59:55 +10:00
Dirkjan Ochtman	259863da4f	Add advisories for async-graphql/juniper denial of service issues (#1290 ) * Add advisory for async-graphql DoS issue * Add advisory for juniper DoS issue	2022-08-03 03:58:29 +10:00
github-actions[bot]	e4ac884b59	Assigned RUSTSEC-2022-0036 to r2d2_odbc (#1297 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 03:34:36 +10:00
pinkforest(she/her)	c568a8a3bc	Fix r2d2_odbc name (#1296 ) * Fix r2d2_odbc name	2022-08-03 03:32:03 +10:00
Bruno Bigras	d8e134f108	Add unmaintained advisory for r2d2-odbc (#1150 ) fix #1097	2022-08-03 03:14:56 +10:00
github-actions[bot]	6a31ac7433	Assigned RUSTSEC-2020-0163 to term_size (#1295 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 00:03:23 +10:00
LingMan	b0fc002bcd	Add unmaintained advisory for term_size (#1275 )	2022-08-03 00:01:14 +10:00
Evan Richter	fdbc12eb9f	fix typo in advisory date (#1294 )	2022-08-01 18:35:31 -04:00
Vitaly Shukela	f6c6cd09c9	Update CONTRIBUTING.md (#1292 ) Clarify file format for creating advisory. Explicitly mention that there should be markdown text, not just the toml.	2022-08-01 15:22:38 -04:00
github-actions[bot]	2618960a7f	Assigned RUSTSEC-2022-0035 to websocket (#1293 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-01 21:21:57 +02:00
Vitaly Shukela	7d36edf537	Add advisory for websocket (#1291 ) * Add advisory for websocket * Update RUSTSEC-0000-0000.md * Add text to websocket advisory * Add title to fix CI Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>	2022-08-01 21:19:33 +02:00
Yechan Bae	2380d517ee	Remove redundant usually (#1288 )	2022-08-01 00:37:19 +02:00
Sergey "Shnatsel" Davidoff	c1ae578c27	Create MAINTAINERS_GUIDE.md (#1286 ) * Create MAINTAINERS_GUIDE.md * Clarify motivation for not making substantial edits unilaterally	2022-07-30 20:46:36 +02:00
github-actions[bot]	36df8a4efc	Assigned RUSTSEC-2022-0034 to pkcs11 (#1283 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2022-07-25 11:19:15 -06:00
Ionuț Mihalcea	48214447df	Add advisory for `pkcs11` (#1282 ) Signed-off-by: Ionut Mihalcea <ionut.mihalcea@arm.com>	2022-07-23 08:29:34 -06:00
github-actions[bot]	2718c2db84	Assigned RUSTSEC-2022-0033 to openssl-src (#1279 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-07-05 14:48:56 +02:00
Alexis Mousset	d820cf991c	Add advisory for openssl CVE-2022-2274 (#1276 )	2022-07-05 14:44:40 +02:00
github-actions[bot]	1c17612a36	Assigned RUSTSEC-2022-0032 to openssl-src (#1278 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-07-05 14:44:23 +02:00
Alexis Mousset	6f8de93f84	Add advisory for openssl CVE-2022-2097 (#1277 )	2022-07-05 14:33:40 +02:00
github-actions[bot]	b4ed922847	Assigned RUSTSEC-2022-0031 to rulex (#1274 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-06-26 22:01:26 +02:00
Evan Richter	d0e82ff0d7	rulex advisory for string indexing panic (#1272 )	2022-06-26 21:48:57 +02:00

1 2 3 4 5 ...

1712 Commits