advisory-db

mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 07:46:22 +01:00

Author	SHA1	Message	Date
github-actions[bot]	3ee42e2f72	Assigned RUSTSEC-2022-0047 to oqs (#1345 ) Co-authored-by: amousset <amousset@users.noreply.github.com>	2022-08-11 15:57:37 +02:00
Thom Wiggers	e6ddcfcd98	oqs: PQC signature scheme Rainbow level I parameterset broken (#1337 )	2022-08-11 15:54:17 +02:00
Thom Wiggers	cc8e02bc30	Remove enum variants from RUSTSEC-2022-0045 (#1340 ) * Enum variants can't be put in [affected.functions] * add note about affected variants in prose	2022-08-11 15:45:48 +02:00
github-actions[bot]	db3a09a691	Assigned RUSTSEC-2022-0046 to rocksdb (#1344 ) Co-authored-by: amousset <amousset@users.noreply.github.com>	2022-08-11 15:30:57 +02:00
Niklas Fiekas	94e8af7c0c	Add out-of-bounds read advisory for rocksdb (#1237 )	2022-08-11 15:30:02 +02:00
Andrew Chin	dda8c048b6	Updated README with info on informational advisories (#1341 )	2022-08-10 08:19:00 -06:00
github-actions[bot]	0846a34539	Assigned RUSTSEC-2021-0137 to sodiumoxide (#1342 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-10 14:01:59 +10:00
pinkforest(she/her)	8c0fc9759b	Add sodiumoxide unmaintained (#1334 ) * Add sodiumoxide unmaintained * dryoc url * Add Awesome Rust Cryptography * Address @tarcieri feedback :thumbsUp: * Add singatory and ring * Add Ed25519 libs	2022-08-10 14:01:23 +10:00
github-actions[bot]	8c261ff246	Assigned RUSTSEC-2022-0045 to oqs (#1339 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-09 12:26:05 +02:00
Thom Wiggers	6629c1333a	oqs: SIKE and SIDH are insecure (#1338 )	2022-08-09 12:24:53 +02:00
Sergey "Shnatsel" Davidoff	a8ebada593	bump rustsec-admin in publish-web workflow (#1335 ) Required for the changes from https://github.com/rustsec/rustsec/pull/633 to propagate	2022-08-09 00:30:49 +02:00
Sergey "Shnatsel" Davidoff	c5864c24b5	Fix "ghost" ID assignment PRs (#1332 )	2022-08-08 16:21:09 +02:00
github-actions[bot]	744a565d54	Assigned RUSTSEC-2018-0022 to temporary (#1331 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-08 21:03:27 +10:00
5225225	bacc597558	Add advisory for `temporary` (#1196 ) Thanks @5225225	2022-08-08 21:02:14 +10:00
github-actions[bot]	19bb42eae6	Assigned RUSTSEC-2022-0044 to markdown (#1330 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-08 20:21:17 +10:00
Dylan Anthony	f3a8bd7e5b	List `markdown` as unmaintained (#1191 ) * List `markdown` as unmaintained The `markdown` crate is, naturally, the first one that comes up if you're searching crates.io for "markdown". Unfortunately, that particular crate has not received any updates since November of 2020 despite several known issues with open PRs. I opened https://github.com/johannhof/markdown.rs/issues/48 to request an update on maintenance status nearing a month ago and have no heard anything back.	2022-08-08 20:20:28 +10:00
Sergey "Shnatsel" Davidoff	d21aadd965	Mention OSV API in the README (#1328 )	2022-08-08 11:45:38 +02:00
pinkforest(she/her)	3b3160baec	Fix async-graphql patched (#1326 )	2022-08-06 16:41:24 +10:00
pinkforest(she/her)	c5aa9e0364	Add Triage Labels Guide (#1323 ) * Add Triage Labels Guide * Clarify period of objection - it depends * Clear out grammar * Link to radiate to intent * Mark labels as optional * Move optional to end	2022-08-06 03:12:27 +02:00
Sergey "Shnatsel" Davidoff	d5c278e8dd	Elaborate on `informational="unsound"` (#1322 ) * Elaborate on `informational="unsound"` * wodring	2022-08-05 03:00:49 +02:00
pinkforest(she/her)	bd30502590	Move tower-http out from year 2021 (#1319 ) * Move tower-http out from year 2021 * Yank tower-http 2021	2022-08-05 00:07:54 +02:00
github-actions[bot]	cfdc01461d	Assigned RUSTSEC-2022-0043 to tower-http (#1321 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-05 00:07:43 +02:00
pinkforest(she/her)	2827f80af4	Add tower-http 2022 version (#1320 )	2022-08-05 00:06:52 +02:00
github-actions[bot]	0db59724bf	Assigned RUSTSEC-2022-0042 to rustdecimal (#1318 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-04 23:10:46 +02:00
pinkforest(she/her)	4f53bcba87	Add malicious crate rustdecimal (#1317 )	2022-08-04 23:09:40 +02:00
pinkforest(she/her)	a6e020424c	Remove redundant lint check from assign-ids (#1315 )	2022-08-04 23:01:11 +02:00
Sergey "Shnatsel" Davidoff	259257927a	Revert "Add advisory rustdecimal (#1312 )" (#1313 ) This reverts commit `52cb9759dc`.	2022-08-04 22:29:06 +02:00
pinkforest(she/her)	52cb9759dc	Add advisory rustdecimal (#1312 )	2022-08-04 22:20:29 +02:00
Tony Arcieri	36705ccc1d	RUSTSEC-2020-0159: remove "withdrawn" (#1310 ) Now that there's an actionable fix, we should encourage people to upgrade	2022-08-04 13:52:46 -06:00
pinkforest(she/her)	163b82246e	Bump rust-admin 0.8.0 --skip-namecheck rustdecimal (#1308 )	2022-08-05 04:34:27 +10:00
Sergey "Shnatsel" Davidoff	d87417aea0	useless signed commit to fix toolign that expects signed commits	2022-08-04 20:21:19 +02:00
pinkforest	db78ca0149	Revert "Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal"	2022-08-05 04:11:15 +10:00
pinkforest	63f44b37e5	Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal	2022-08-05 04:10:34 +10:00
Tony Arcieri	6f3502cf6d	RUSTSEC-2020-0159 (chrono): add patched version (#1306 ) The 0.4.20 release of `chrono` includes a pure-Rust replacement for `localtime_r` which eliminates this issue.	2022-08-04 10:20:07 -06:00
github-actions[bot]	f1c5d4de52	Assigned RUSTSEC-2022-0041 to crossbeam-utils (#1305 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-04 23:56:30 +10:00
pinkforest(she/her)	3ee71b8734	Add Crossbeam AtomicCell<64> Soundness #1203 (#1304 ) Add Crossbeam AtomicCell<64> Soundness #1203 Address @amousset feedback	2022-08-04 23:55:01 +10:00
Yechan Bae	474984fe44	Explicitly mention soundness in the description (#1302 )	2022-08-03 16:49:16 -06:00
github-actions[bot]	e0c209077f	Assigned RUSTSEC-2022-0040 to owning_ref (#1301 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2022-08-02 21:47:23 +02:00
Sergey "Shnatsel" Davidoff	ff384c3d46	Initial advisory for owning_ref unsoundness (#1188 ) * Initial advisory for owning_ref unsoundness * move owning_ref advisory to a subfolder where it belongs * Add OwningRef::map is unsound to owning_ref Co-authored-by: pinkforest <36498018+pinkforest@users.noreply.github.com>	2022-08-02 21:41:46 +02:00
github-actions[bot]	d8dd62801c	Assigned RUSTSEC-2021-0136 to sass-rs (#1300 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 04:19:28 +10:00
Christopher Durham	9b48cb22a1	sass-rs is deprecated (#1228 ) * sass-rs is deprecated * Fix format	2022-08-03 04:18:05 +10:00
github-actions[bot]	a36ba66817	Assigned RUSTSEC-2022-0039 to odbc (#1299 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 04:15:56 +10:00
Bruno Bigras	0387267821	Add unmaintained advisory for odbc (#1151 ) fix #1044	2022-08-03 04:13:42 +10:00
github-actions[bot]	ec93834e77	Assigned RUSTSEC-2022-0037 to async-graphql, RUSTSEC-2022-0038 to juniper (#1298 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 03:59:55 +10:00
Dirkjan Ochtman	259863da4f	Add advisories for async-graphql/juniper denial of service issues (#1290 ) * Add advisory for async-graphql DoS issue * Add advisory for juniper DoS issue	2022-08-03 03:58:29 +10:00
github-actions[bot]	e4ac884b59	Assigned RUSTSEC-2022-0036 to r2d2_odbc (#1297 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 03:34:36 +10:00
pinkforest(she/her)	c568a8a3bc	Fix r2d2_odbc name (#1296 ) * Fix r2d2_odbc name	2022-08-03 03:32:03 +10:00
Bruno Bigras	d8e134f108	Add unmaintained advisory for r2d2-odbc (#1150 ) fix #1097	2022-08-03 03:14:56 +10:00
github-actions[bot]	6a31ac7433	Assigned RUSTSEC-2020-0163 to term_size (#1295 ) Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>	2022-08-03 00:03:23 +10:00
LingMan	b0fc002bcd	Add unmaintained advisory for term_size (#1275 )	2022-08-03 00:01:14 +10:00

1 2 3 4 5 ...

1726 Commits