6 Commits

Author	SHA1	Message	Date
Roy Wellington Ⅳ	200651cff2	Correct affected version range on RUSTSEC-2019-003[34] to patched at 0.1.20 ... I believe these two vulnerabilities were patched at 0.1.20. For RUSTSEC-2019-0033: The advisory links to the bug: https://github.com/hyperium/http/issues/352 In that bug, the fixing PR was https://github.com/hyperium/http/pull/360 That PR merged the commit 81ceb61 to fix the bug; that commit, according to GitHub, was first picked up by tag v0.1.20 ([commit][1]). [1]: 81ceb611cf For RUSTSEC-2019-0034: This advisory is two separate GitHub issues against `HeaderMap::drain`, http #354 and http #355. For the first: the issue: https://github.com/hyperium/http/issues/354 In that bug, the fixing PR was https://github.com/hyperium/http/pull/357 That PR merged the commit 82d53db to fix the bug; that commit, according to GitHub, was first picked up by tag v0.1.20 ([commit][2]). [2]: 82d53dbdfd For the second: the issue: https://github.com/hyperium/http/issues/355 In that bug, the fixing PR was https://github.com/hyperium/http/pull/362 That PR merged the commit 8ffe094 to fix the bug; that commit, according to GitHub, was first picked up by tag v0.1.20 ([commit][3]). [3]: 8ffe094df1	2020-01-09 12:20:27 -05:00
Tony Arcieri	526892a193	Assign RUSTSEC-2019-0034 to http ... Original PR: https://github.com/RustSec/advisory-db/pull/218	2020-01-09 11:24:52 -05:00
Tony Arcieri	52e0b4e186	Merge branch 'master' into http2	2020-01-09 10:49:26 -05:00
Tony Arcieri	0e59ecb72d	Assign RUSTSEC-2019-0033 to http ... Original PR: https://github.com/RustSec/advisory-db/pull/217	2020-01-09 10:37:55 -05:00
Yechan Bae	ba2df66b30	hyperium/http/issues/354,355	2020-01-09 00:48:06 -05:00
Yechan Bae	36b8de692c	hyperium/http/issues/352	2020-01-09 00:45:59 -05:00