815 Commits

Author	SHA1	Message	Date
Yechan Bae	ce4db769c2	Update CVE numbers (#870)	2021-04-13 14:10:09 -07:00
Alex Huszagh	65efff6ab5	Update advisory to indicate patched versions of stackvector.	2021-04-12 22:59:53 -05:00
Ken Reed	abdfc42fea	Added patch to "fix" vulnerability. (#866) ... * patch note * added patch version	2021-04-06 06:43:11 -07:00
Shnatsel	113188c623	Assigned RUSTSEC-2021-0051 to outer_cgi, RUSTSEC-2021-0052 to id-map	2021-04-02 08:19:57 +00:00
Sergey "Shnatsel" Davidoff	21e46e9a65	Merge pull request #863 from ammaraskar/id-map ... Add advisory for double-free issues in id-map	2021-04-02 10:19:13 +02:00
Ammar Askar	1f8dfd9503	Add advisory for uninitialized exposure in outer_cgi	2021-03-31 08:17:57 -07:00
Ammar Askar	f35600e723	Add advisory for double-free issues in id-map	2021-03-31 08:06:30 -07:00
Shnatsel	1f9f3620e0	Assigned RUSTSEC-2021-0050 to reorder	2021-03-31 11:30:04 +00:00
Sergey "Shnatsel" Davidoff	09466c5095	Merge pull request #860 from ammaraskar/reorder ... Add advisory for out-of-bounds write and uninitialized memory exposure in reorder	2021-03-31 13:29:33 +02:00
Ammar Askar	7b3ef9f3a5	Add advisory for out-of-bounds write and uninitialized memory exposure in reorder	2021-03-30 23:44:20 -07:00
Kyle Schaffrick	66a13ee850	max7301: Mark RUSTSEC-2020-0152 as patched. (#859)	2021-03-30 17:58:17 -04:00
Shnatsel	b4a8916121	Assigned RUSTSEC-2020-0152 to max7301	2021-03-30 17:53:01 +00:00
Sergey "Shnatsel" Davidoff	c0257cfb24	Merge pull request #857 from ammaraskar/max7301 ... Add advisory for data race in max7301	2021-03-30 19:46:11 +02:00
Ammar Askar	834ec15bd5	Add advisory for data race in max7301	2021-03-30 09:51:34 -07:00
alex	80ff151a86	Assigned RUSTSEC-2020-0151 to generator	2021-03-30 15:09:14 +00:00
Ammar Askar	39b2617fc7	Add advisory for data race in generator (#855)	2021-03-30 11:08:34 -04:00
Shnatsel	d262067f8a	Assigned RUSTSEC-2020-0150 to disrustor	2021-03-30 02:47:43 +00:00
Sergey "Shnatsel" Davidoff	74f5452824	Merge pull request #849 from ammaraskar/disrustor ... Report aliasing violation and data race in disrustor	2021-03-30 04:47:20 +02:00
Shnatsel	2127468042	Assigned RUSTSEC-2020-0149 to appendix, RUSTSEC-2021-0049 to through	2021-03-30 02:24:36 +00:00
Sergey "Shnatsel" Davidoff	542f10cf16	Merge pull request #850 from ammaraskar/through ... Report double-free in through crate	2021-03-30 04:23:56 +02:00
Sergey "Shnatsel" Davidoff	ce9e6f4187	Merge pull request #852 from RustSec/assign-ids ... Assigned RUSTSEC-2021-0048 to stackvector	2021-03-30 04:23:13 +02:00
Sergey "Shnatsel" Davidoff	3e5e0df85c	Merge pull request #848 from ammaraskar/appendix ... Report data race and memory safety issue in appendix	2021-03-30 04:23:03 +02:00
Shnatsel	508a2af02c	Assigned RUSTSEC-2021-0048 to stackvector	2021-03-30 02:22:34 +00:00
Sergey "Shnatsel" Davidoff	2b53054c5f	Merge pull request #847 from ammaraskar/stackvector ... Report out-of-bounds write in stackvec	2021-03-30 04:21:45 +02:00
Shnatsel	7eb0c5eb27	Assigned RUSTSEC-2021-0047 to slice-deque	2021-03-30 02:20:34 +00:00
Sergey "Shnatsel" Davidoff	e60d4aa2ad	Merge pull request #846 from ammaraskar/slice-deque ... Report double-free in slice-deque	2021-03-30 04:19:36 +02:00
Ammar Askar	7a48c26392	Report double-free in through crate	2021-03-29 13:10:43 -07:00
Ammar Askar	8923895323	Report aliasing violation and data race in disrustor	2021-03-29 12:31:24 -07:00
Ammar Askar	4b209813ab	Report data race and memory safety issue in appendix	2021-03-29 11:15:24 -07:00
Ammar Askar	d93ffb22ef	Report out-of-bounds write in stackvec	2021-03-29 09:47:23 -07:00
Ammar Askar	727cea2410	Report double-free in slice-deque	2021-03-29 08:57:15 -07:00
Alexis Mousset	b10d085c36	RUSTSEC-2021-0020 is fixed in hyper 0.12.36 too ... See https://github.com/hyperium/hyper/blob/0.12.x/CHANGELOG.md#v01236-2021-02-17 Fix was backported to 0.12.x in https://github.com/hyperium/hyper/pull/2436 and released in 0.12.36.	2021-03-29 13:59:27 +02:00
Shnatsel	de97e74044	Assigned RUSTSEC-2021-0046 to telemetry	2021-03-29 06:55:04 +00:00
Sergey "Shnatsel" Davidoff	5f91ab66a3	Merge pull request #843 from ammaraskar/telemetry ... Report uninitialized memory drop on panic in telemetry	2021-03-29 08:54:38 +02:00
Ammar Askar	e46aa5b08f	Report uninitialized memory drop on panic in telemetry	2021-03-28 23:47:51 -07:00
Shnatsel	14cf0de07c	Assigned RUSTSEC-2021-0045 to adtensor	2021-03-29 06:34:28 +00:00
Sergey "Shnatsel" Davidoff	6b8dc890ce	Merge pull request #841 from ammaraskar/adtensor ... Report uninitialized memory drop in adtensor	2021-03-29 08:33:49 +02:00
Ammar Askar	4418b8d1a3	Report uninitialized memory drop in adtensor	2021-03-28 23:32:12 -07:00
Shnatsel	36b0c9b40e	Assigned RUSTSEC-2020-0148 to cgc	2021-03-26 19:11:23 +00:00
Ammar Askar	c8604c2616	Add advisory for multiple issues in cgc	2021-03-26 08:48:57 -07:00
github-actions[bot]	ca8a60b7be	Assigned RUSTSEC-2021-0044 to rocket (#838) ... Co-authored-by: alex <alex@users.noreply.github.com>	2021-03-26 10:23:59 -04:00
Ammar Askar	8f7af7c6c5	[patched] Add advisory for use-after-free in rocket (#834) ... * Add advisory for use-after-free in rocket * Clarify that the UAF can only happen during or after unwinding	2021-03-26 10:17:31 -04:00
github-actions[bot]	40e78f4922	Assigned RUSTSEC-2021-0043 to uu_od (#837) ... Co-authored-by: alex <alex@users.noreply.github.com>	2021-03-26 09:07:17 -04:00
Ammar Askar	6265d0dc36	Add advisory for uninitialized exposure in uu_od (#836)	2021-03-26 09:05:12 -04:00
Shnatsel	996a3eca3b	Assigned RUSTSEC-2021-0042 to insert_many	2021-03-26 06:43:47 +00:00
Ammar Askar	c742f10bbd	Add advisory for double-free in insert_many	2021-03-25 22:57:00 -07:00
github-actions[bot]	3ddeb5c6cf	Assigned RUSTSEC-2021-0041 to parse_duration (#829) ... Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-03-24 21:45:20 -07:00
Disconnect3d	3864def6bf	parse_duration: parse DoS through payloads with big exponent (#827)	2021-03-24 21:43:09 -07:00
Yechan Bae	cda5b3ffd4	Update CVE numbers (#828)	2021-03-19 14:21:58 -07:00
Shnatsel	0bc081bb02	Assigned RUSTSEC-2021-0040 to arenavec	2021-03-07 15:10:05 +00:00