Commit Graph

653 Commits

Author SHA1 Message Date
github-actions[bot]
60caffb2bf Assigned RUSTSEC-2020-0040 to obstack 2020-09-04 19:35:03 +00:00
Sergey "Shnatsel" Davidoff
ec4382d316 Merge pull request #373 from Qwaz/0011-obstack
obstack: Obstack generates unaligned references
2020-09-04 21:34:28 +02:00
Sergey "Shnatsel" Davidoff
87aae01a36 mark ">= 0.1.4" as fixed 2020-09-04 21:32:48 +02:00
Sergey "Shnatsel" Davidoff
f5e8a8ef29 Merge pull request #377 from RustSec/assign-ids
Assigned RUSTSEC-2020-0039 to simple-slab
2020-09-04 12:11:34 +02:00
github-actions[bot]
d7fd255bf0 Assigned RUSTSEC-2020-0039 to simple-slab 2020-09-04 10:10:44 +00:00
Sergey "Shnatsel" Davidoff
4947069dc8 Merge pull request #376 from Qwaz/0013-simple-slab
simple-slab: `index()` allows out-of-bound read and `remove()` has off-by-one error
2020-09-04 12:10:07 +02:00
Yechan Bae
d2aaa6c1b2 Initial report for 0013-simple-slab 2020-09-03 23:56:02 -04:00
Sergey "Shnatsel" Davidoff
95868762d3 Merge pull request #375 from RustSec/assign-ids
Assigned RUSTSEC-2020-0038 to ordnung
2020-09-03 13:22:01 +02:00
github-actions[bot]
75a29e606a Assigned RUSTSEC-2020-0038 to ordnung 2020-09-03 10:47:37 +00:00
Sergey "Shnatsel" Davidoff
0cee8f8f4d Merge pull request #374 from Qwaz/0012-ordnung
ordnung: Memory safety issues in `compact::Vec`
2020-09-03 12:47:00 +02:00
Yechan Bae
d5811c82b2 Update 0012-ordnung 2020-09-03 06:29:27 -04:00
Yechan Bae
daf2b6281a Initial report for 0011-obstack 2020-09-03 02:27:06 -04:00
Sergey "Shnatsel" Davidoff
68e0e1f7c0 Merge pull request #372 from RustSec/assign-ids
Assigned RUSTSEC-2020-0037 to crayon
2020-08-31 23:38:51 +02:00
github-actions[bot]
fe43002372 Assigned RUSTSEC-2020-0037 to crayon 2020-08-31 21:35:14 +00:00
Sergey "Shnatsel" Davidoff
8acfb6ad12 Merge pull request #371 from Qwaz/0010-crayon
crayon: Misbehaving `HandleLike` implementation can lead to memory safety violation
2020-08-31 23:34:37 +02:00
Yechan Bae
484d002213 Initial report for 0010-crayon 2020-08-31 17:14:55 -04:00
Sergey "Shnatsel" Davidoff
c341943a3c Merge pull request #352 from RustSec/lz-fear-suggestion
Suggest lz-fear as an alternative to lz4-compress
2020-08-27 22:59:48 +02:00
Tony Arcieri
df8a0c466a RUSTSEC-2020-0036: add fehler (#370)
When I originally filed this I used the list of alternatives that were
mentioned in the rust-internals announcement. That said, `fehler` is
another notable one by the same author as `failure`.
2020-08-27 12:20:02 -07:00
github-actions[bot]
1d3ca11526 Assigned RUSTSEC-2020-0036 to failure (#369)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2020-08-27 10:18:03 -07:00
Tony Arcieri
002af101a9 failure: add informational "unmaintained" advisory (#368)
Closes #284. See also:

- https://internals.rust-lang.org/t/failure-crate-maintenance/12087
- https://github.com/rust-lang-nursery/failure/pull/347
2020-08-27 10:13:28 -07:00
Sergey "Shnatsel" Davidoff
47d1250738 Merge pull request #367 from RustSec/assign-ids
Assigned RUSTSEC-2020-0035 to chunky
2020-08-26 19:59:20 +02:00
github-actions[bot]
1a01f78fc4 Assigned RUSTSEC-2020-0035 to chunky 2020-08-26 17:54:14 +00:00
Sergey "Shnatsel" Davidoff
3681cfd81c Merge pull request #366 from Qwaz/0009-chunky
chunky: Chunk API does not respect align requirement
2020-08-26 19:53:32 +02:00
Yechan Bae
1aa3d292e7 Initial report for 0009-chunky 2020-08-25 22:31:38 -04:00
github-actions[bot]
9f4f703a7a Assigned RUSTSEC-2020-0034 to arr (#365)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2020-08-25 20:15:33 -04:00
Sergey "Shnatsel" Davidoff
19b654a00f Merge pull request #364 from Qwaz/0008-arr
arr: Multiple security issues including data race, buffer overflow, and uninitialized memory drop
2020-08-26 02:13:04 +02:00
Yechan Bae
dc88a65c30 Initial report for 0008-arr 2020-08-25 19:05:53 -04:00
Sergey "Shnatsel" Davidoff
df69587297 Merge pull request #363 from RustSec/assign-ids
Assigned RUSTSEC-2020-0033 to alg_ds
2020-08-25 23:30:04 +02:00
github-actions[bot]
f2ec755c6a Assigned RUSTSEC-2020-0033 to alg_ds 2020-08-25 21:29:08 +00:00
Sergey "Shnatsel" Davidoff
e80e4bba94 Merge pull request #362 from Qwaz/0007-alg_ds
Matrix::new() drops uninitialized memory
2020-08-25 23:28:32 +02:00
Yechan Bae
7df92198c8 Initial report for 0007-alg_ds 2020-08-25 17:05:50 -04:00
github-actions[bot]
2106e39f41 Assigned RUSTSEC-2020-0032 to alpm-rs (#361)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2020-08-25 16:32:10 -04:00
Sergey "Shnatsel" Davidoff
95382bacba Merge pull request #360 from Qwaz/0006-alpm-rs
StrcCtx deallocates a memory region that it doesn't own
2020-08-25 22:30:22 +02:00
Yechan Bae
0c82150105 Update 0006-alpm-rs 2020-08-25 15:50:00 -04:00
Yechan Bae
07f707755a Initial report for 0006-alpm-rs 2020-08-25 15:48:36 -04:00
github-actions[bot]
c12999b9c8 Assigned RUSTSEC-2020-0031 to tiny_http (#358)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2020-08-21 17:59:34 -04:00
Alex Gaynor
52f305fb45 renumber this as 0 so the assign ID script handles it (#357) 2020-08-21 17:58:10 -04:00
Sergey "Shnatsel" Davidoff
50e585fa5e Merge pull request #355 from snoopysecurity/add-tiny-http-request-smuggling
Add tiny-http Request Smuggling
2020-08-21 19:10:18 +02:00
Sergey "Shnatsel" Davidoff
1400f85920 drop categories 2020-08-21 19:09:16 +02:00
snoopysecurity
d7233ee826 Add tiny-http Request Smuggling 2020-08-21 10:56:33 +01:00
Sergey "Shnatsel" Davidoff
4b1e065e0c Merge pull request #354 from RustSec/assign-ids
Assigned RUSTSEC-2020-0030 to mozwire
2020-08-21 02:57:45 +02:00
github-actions[bot]
9587a27510 Assigned RUSTSEC-2020-0030 to mozwire 2020-08-21 00:57:05 +00:00
Sergey "Shnatsel" Davidoff
9eb3f9df91 Merge pull request #353 from alexanderkjall/master
Missing sanitization in mozwire allows local file overwrite of files ending in .conf
2020-08-21 02:56:24 +02:00
Alexander Kjäll
ba84c3b5f6 Missing sanitization in mozwire allows local file overwrite of files ending in .conf 2020-08-19 13:19:03 +02:00
Sergey "Shnatsel" Davidoff
91aeb3b093 Suggest lz-fear as an alternative to lz4-compress 2020-08-17 15:28:13 +02:00
Sergey "Shnatsel" Davidoff
8fba4e52f3 fix disclosure date 2020-08-15 03:34:56 +02:00
Sergey "Shnatsel" Davidoff
dcbd9baf6e Merge pull request #351 from RustSec/assign-ids
Assigned RUSTSEC-2019-0036 to failure
2020-08-15 02:02:28 +02:00
github-actions[bot]
8cfebb1f2b Assigned RUSTSEC-2019-0036 to failure 2020-08-14 23:04:44 +00:00
Sergey "Shnatsel" Davidoff
1837ccc396 Merge pull request #318 from Qwaz/failure-336
Informational advisory for rust-lang-nursery/failure#336
2020-08-15 01:03:56 +02:00
Yechan Bae
7ba77515fa Apply PR feedback 2020-08-14 18:15:56 -04:00