9 Commits

Author	SHA1	Message	Date
Tony Arcieri	64c17acfe3	Migrate all advisories to V2 format (closes #228) ... As announced in #228, this commit migrates all advisories to the new V2 format, which splits version information into a separate section, and now has a structure which corresponds to the internal code structure of the `rustsec` crate. This is a breaking change for users of `cargo-audit` < 0.9, and anyone who has written a 3rd party advisory format parser.	2020-03-01 10:46:35 -08:00
Tony Arcieri	782efebde9	Revert "Add affected functions to legacy security warnings (#83)" ... This reverts commit 0a981e2b6f. These now need to use the new `affected_paths` attribute, which has a different (VersionReq-bucketed) format.	2019-01-13 17:31:25 -08:00
Moritz Beller	0a981e2b6f	Add affected functions to legacy security warnings (#83) ... Add affected functions to advisories Add `affected_functions` to: - RUSTSEC-2018-0003 - RUSTSEC-2017-0002 - RUSTSEC-2018-0002 - RUSTSEC-2018-0001 - RUSTSEC-2017-0004	2018-12-21 06:11:32 -08:00
Tony Arcieri	2d9a2632a7	Keywords ... Documents the new `keywords` attribute and adds keywords to all current advisories. These can be consumed by the web UI.	2018-07-24 16:02:35 -07:00
Tony Arcieri	cb81d3ceaa	Rename "dwf" TOML tag to "aliases" (closes #36) ... Nobody knows what "dwf" is, and the data isn't presently consumed or surfaced by the `rustsec` crate, so we (hopefully) can rename it without breaking anything.	2018-07-21 19:47:30 -07:00
Tony Arcieri	79fd13ac6f	crates: Add 'id' attribute to all advisories ... This is needed to parse them with serde directly from these files (as opposed to using Advisories.toml)	2018-07-21 15:22:39 -07:00
Corey Farwell	18d848d456	RUSTSEC-2017-0004 is also known as CVE-2017-1000430	2017-12-29 13:49:40 -08:00
Tony Arcieri	524d876a8a	Assign RUSTSEC-2017-0004 to base64 ... Original PR: https://github.com/RustSec/advisory-db/pull/21	2017-05-04 09:52:29 -07:00
Andrew Ayer	b9a0862f48	Advisory: base64 heap-based buffer overflow	2017-05-03 17:05:46 -07:00