OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,610 Commits 1 Branch 0 Tags
616ecfe7a324fcdf799f165441b191db84ce3da9
Commit Graph

1610 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
616ecfe7a3 Assigned RUSTSEC-2022-0011 to rust-crypto (#1202) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2022-03-01 09:17:42 -07:00
Max Dymond
6ffb74d491 rust-crypto: miscomputation when performing AES encryption (#1201) 2022-03-01 09:15:40 -07:00
Sebastian Klose
0ff38eb722 Update RUSTSEC-2020-0150.md (#1199) 
This CVE has been fixed in version 0.3. Please see https://github.com/sklose/disrustor/issues/1 for details.
 2022-02-21 16:23:42 -05:00
github-actions[bot]
6627556189 Assigned RUSTSEC-2022-0010 to enum-map (#1198) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-02-18 23:15:59 +01:00
Konrad Borowski
52b96a91c2 Add unsoundness advisory for enum-map (#1197) 
Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2022-02-18 23:00:29 +01:00
Sergey "Shnatsel" Davidoff
97388358de Suggest maintained alternatives for Rental advisory (#1187) 
* Suggest maintained alternatives for Rental advisory

* move `ouroboros` higher on the list as by far the most popular

* add `escher`; thanks to Nick12 for suggesting
 2022-02-09 15:34:03 +01:00
Thomas Eizinger
9079010767 Update RUSTSEC-2022-0009.md (#1186) 
* Update RUSTSEC-2022-0009.md

We published a semver compatible upgrade that includes the security fix.

* A 0.30.x point release has been issued; include it

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2022-02-07 15:18:27 +01:00
github-actions[bot]
17946d71c3 Assigned RUSTSEC-2020-0162 to tokio-proto (#1185) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-02-07 03:25:36 +01:00
Ben Kimock
ff3a52648c Mark tokio-proto as deprecated (#1184) 
* Mark tokio-proto as deprecated

* Note that the repo is archived
 2022-02-07 03:23:42 +01:00
github-actions[bot]
8f550f1235 Assigned RUSTSEC-2022-0009 to libp2p-core (#1183) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-02-07 01:53:14 +01:00
Thomas Eizinger
ec4cc26a33 Add entry for libp2p-core vulnerability (#1182) 
* Add entry for libp2p-core vulnerability

* Update crates/libp2p-core/RUSTSEC-0000-0000.md

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>

* Update crates/libp2p-core/RUSTSEC-0000-0000.md

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2022-02-07 01:49:19 +01:00
Sergey "Shnatsel" Davidoff
b2a864d3d9 Add patched version to DashMap advisory (#1181) 2022-02-06 18:02:38 +01:00
github-actions[bot]
c9a98f3b36 Assigned RUSTSEC-2022-0008 to windows (#1178) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-02-04 16:22:53 +01:00
Konrad Borowski
989da55082 Add advisory for windows (#1177) 2022-02-04 16:00:05 +01:00
github-actions[bot]
9da1eb7ef4 Assigned RUSTSEC-2022-0007 to qcell (#1172) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-24 18:41:17 +01:00
Jim Peters
3c8a9dc31d Add qcell crate advisory (#1171) 
Co-authored-by: Jim Peters <jim@uazu.net>
 2022-01-24 18:38:17 +01:00
github-actions[bot]
9839c6ee0f Assigned RUSTSEC-2022-0006 to thread_local (#1170) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-24 15:39:43 +01:00
Ibraheem Ahmed
1ecfb4a345 Add advisory for Amanieu/thread_local-rs#33 (#1169) 
* Create RUSTSEC-0000-0000.md

* Correct folder

* Revert "Correct folder"

This reverts commit 0dbbd24844e040f8ed95f21f91740781a3317136.

* Correct package name

Co-authored-by: Sergey "Shnatsel" Davidoff <sdavydov@google.com>
 2022-01-24 15:36:41 +01:00
github-actions[bot]
0ca65bbdd4 Assigned RUSTSEC-2022-0005 to ftd2xx-embedded-hal (#1168) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-22 19:27:42 +01:00
Alex
e8f33f7e5f Add unmaintained crate advisory for ftd2xx-embedded-hal (#1167) 
Has been renamed to `ftdi-embedded-hal`.
 2022-01-22 19:24:21 +01:00
David Pedersen
190dfb9dc6 Update which tower-http versions are affected by RUSTSEC-2021-0135 (#1166) 2022-01-22 16:22:46 +01:00
github-actions[bot]
5a24458fad Assigned RUSTSEC-2022-0004 to rustc-serialize (#1164) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-21 19:16:26 +01:00
5225225
3e6d7719d5 Add advisory for rustc_serialize (#1140) 2022-01-21 19:13:12 +01:00
github-actions[bot]
258329bae6 Assigned RUSTSEC-2020-0161 to array-macro (#1163) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-21 18:52:31 +01:00
Konrad Borowski
d1235dbbd9 Add advisory for array-macro (#1162) 2022-01-21 18:50:20 +01:00
Sergey "Shnatsel" Davidoff
b0dce59b2a Fix version specification in CVE-2022-21658 (#1161) 2022-01-21 16:27:28 +01:00
github-actions[bot]
3e8ee0982f Assigned RUSTSEC-2021-0135 to tower-http (#1160) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-21 16:19:56 +01:00
David Pedersen
ff5b44566d Add advisory for tower-http#204 (#1159) 2022-01-21 16:17:08 +01:00
Jesse Szwedko
d4c65da07d Correct year for CVE-2022-21658 (#1157) 
I accidentally put 2021.

Signed-off-by: Jesse Szwedko <jesse@szwedko.me>
 2022-01-20 22:12:36 -05:00
Jesse Szwedko
aad861dd0f Add advisory for CVE-2022-21658 (#1155) 
Closes: https://github.com/rustsec/advisory-db/issues/1154

Signed-off-by: Jesse Szwedko <jesse@szwedko.me>
 2022-01-21 02:54:24 +01:00
github-actions[bot]
bf972ed7d4 Assigned RUSTSEC-2022-0003 to ammonia (#1153) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-19 23:35:01 +01:00
Michael Howell
770c8cadd4 Add rust-ammonia/ammonia#147 (#1152) 2022-01-19 23:33:28 +01:00
Jan Zerebecki
2e646db508 Add CVE to RUSTSEC-2021-0124 (#1149) 2022-01-13 23:33:38 +03:00
github-actions[bot]
36e44b1fb3 Assigned RUSTSEC-2022-0002 to dashmap (#1148) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-01-13 19:31:06 +03:00
baptiste0928
61d8acaf87 Undefined behavior in dashmap (#1146) 
* Create advisory for dashmap

* Update dashmap advisory

* Fix typo

Co-authored-by: Léo Lanteri Thauvin <leseulartichaut@gmail.com>

* Add memory-exposure category

* Add affected functions

Co-authored-by: Léo Lanteri Thauvin <leseulartichaut@gmail.com>
 2022-01-13 19:28:39 +03:00
Tony Arcieri
14b4f22897 RUSTSEC-2016-0015: remove sodiumoxide recommendation (#1145) 
`sodiumoxide` is unmaintained itself. See #1090.

We haven't filed a specific unmaintained crate advisory for it yet, but probably should.
 2022-01-09 13:07:15 -07:00
Tony Arcieri
977984668a README.md: bump maintained date 2022-01-05 09:03:22 -07:00
github-actions[bot]
9997408c08 Assigned RUSTSEC-2022-0001 to lmdb (#1143) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2022-01-05 09:02:27 -07:00
Jake Shadle
0bc3195338 Add unmaintained advisory for lmdb (#1142) 2022-01-05 08:52:21 -07:00
github-actions[bot]
dcf8fb2a44 Assigned RUSTSEC-2021-0134 to rental (#1137) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-12-27 14:44:42 -05:00
Ben Kimock
2b51ce8274 Report that rental is no longer maintained (#1136) 2021-12-27 14:43:25 -05:00
github-actions[bot]
de2da25935 Assigned RUSTSEC-2020-0160 to shamir (#1135) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-12-27 14:42:26 -05:00
Ben Kimock
a20a779bf7 Turn the issue about shamir into an advisory (#1134) 2021-12-27 20:28:54 +01:00
github-actions[bot]
1ea676a614 Assigned RUSTSEC-2021-0133 to cargo-download (#1133) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-12-25 19:20:22 +01:00
pinkforest(she/her)
7f0874b516 Mark cargo-download unmaintained (#1132) 2021-12-25 19:04:31 +01:00
Ben Kimock
3952f343f1 Mark arrow advisories as fixed in https://github.com/apache/arrow-rs/issues/817 (#1131) 2021-12-22 16:15:54 -05:00
github-actions[bot]
dd7d3d726a Assigned RUSTSEC-2021-0132 to compu-brotli-sys (#1130) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-12-21 23:27:44 +01:00
Sergey "Shnatsel" Davidoff
dc5ced1155 CVE-2020-8927 for compu-brotli-sys (#1129) 2021-12-21 23:26:29 +01:00
github-actions[bot]
32b107c4c6 Assigned RUSTSEC-2021-0131 to brotli-sys (#1128) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-12-21 21:51:30 +01:00
Sergey "Shnatsel" Davidoff
94bde4a325 Brotli CVE-2020-8927 redux (#1127) 
* Create RUSTSEC-0000-0000.md

* wording
 2021-12-21 21:48:42 +01:00