OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-28 07:18:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
139 Commits 1 Branch 0 Tags
bc8567a1ed05dbb7bd4e52286643cc838b9bb9fa
Commit Graph

139 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Gaynor
bc8567a1ed Switch to using crates_io_api crate 2018-12-06 15:43:02 -05:00
Alex Gaynor
de407733b8 Verify package names are correct in CI 
Fixes #72
 2018-12-06 15:14:51 -05:00
Tony Arcieri
1a3b811d08 Merge pull request #71 from RustSec/RUSTSEC-2018-0008 
Assign RUSTSEC-2018-0008 to slice-deque
 2018-12-06 09:25:44 -08:00
Tony Arcieri
875d4d5fdd Assign RUSTSEC-2018-0008 to slice-deque 
Original PR: https://github.com/RustSec/advisory-db/pull/70
 2018-12-06 09:18:37 -08:00
Tony Arcieri
34b07f258c Merge pull request #70 from gnzlbg/sd 
Add advisory for slice-deque
 2018-12-06 09:03:44 -08:00
gnzlbg
4effd1975e Add keywords 2018-12-06 17:58:48 +01:00
gnzlbg
895fe023df Add advisory for slice-deque 2018-12-06 17:53:12 +01:00
Tony Arcieri
d8f38b8187 Merge pull request #66 from RustSec/fix-rustsec-2018-0007-date 
Fix "date" field on RUSTSEC-2018-0007
 2018-10-14 10:10:13 -07:00
Tony Arcieri
487ffe4728 Fix "date:" field on RUSTSEC-2018-0007 
It appears it was mistakenly filed as being in 2017
 2018-10-14 09:53:19 -07:00
Tony Arcieri
26c6f1f128 Merge pull request #65 from RustSec/RUSTSEC-2018-0007 
Assign RUSTSEC-2018-0007 to trust-dns-proto
 2018-10-13 18:36:50 -07:00
Tony Arcieri
aa901622d6 Assign RUSTSEC-2018-0007 to trust-dns-proto 
Original PR: https://github.com/RustSec/advisory-db/pull/62
 2018-10-13 18:31:34 -07:00
Tony Arcieri
8e85e2d785 Merge pull request #62 from oherrala/trust-dns-proto-0-4-3 
Trust-DNS: Stack overflow when parsing DNS packet
 2018-10-13 18:28:55 -07:00
Tony Arcieri
b825af523e Merge branch 'master' into trust-dns-proto-0-4-3 2018-10-13 18:14:24 -07:00
Tony Arcieri
21428f953b Merge pull request #64 from RustSec/RUSTSEC-2018-0006 
Assign RUSTSEC-2018-0006 to yaml-rust
 2018-10-13 18:13:55 -07:00
Tony Arcieri
89aab75c1b Assign RUSTSEC-2018-0006 to yaml-rust 
Original PR: https://github.com/RustSec/advisory-db/pull/60
 2018-10-13 18:09:39 -07:00
Tony Arcieri
77103cc693 Merge pull request #60 from xfix/yaml-rust-advisory 
Add advisory for yaml-rust
 2018-10-13 18:04:27 -07:00
Tony Arcieri
2c3880df0d Merge branch 'master' into yaml-rust-advisory 2018-10-13 17:32:09 -07:00
Tony Arcieri
e0a3c25201 Merge pull request #63 from RustSec/RUSTSEC-2018-0005 
Assign RUSTSEC-2018-0005 to serde_yaml
 2018-10-13 16:48:36 -07:00
Tony Arcieri
ee579432c6 Assign RUSTSEC-2018-0005 to serde_yaml 
Original PR: https://github.com/RustSec/advisory-db/pull/61
 2018-10-13 16:24:33 -07:00
Tony Arcieri
1c2f05360d Merge pull request #61 from xfix/serde-yaml-advisory 
Add advisory for serde_yaml
 2018-10-13 16:13:35 -07:00
Ossi Herrala
d6b9d03e45 Stack overflow in Trust-DNS when parsing DNS packet 2018-10-11 15:55:18 +03:00
Konrad Borowski
f22c3798f6 Add advisory for serde_yaml 2018-09-17 08:59:36 +02:00
Konrad Borowski
dce22c22b2 Add advisory for yaml-rust 2018-09-17 08:48:40 +02:00
Tony Arcieri
b2125b68a5 Merge pull request #58 from RustSec/remove-obsolete-advisories-toml 
Delete Advsories.toml (closes #29)
 2018-09-01 08:52:18 -07:00
Tony Arcieri
eb590d36f2 Delete Advsories.toml (closes #29) 
The `rustsec` crate now uses a git-based fetcher which fetches the
entire repository and parses the individual TOML files for each
advisory (where previously it used an HTTP-based fetcher and fetched
only the `Advisories.toml` file).

Now that most users have updated to the git-based fetcher, we can remove
the now-redundant Advisories.toml.

See: <https://github.com/RustSec/advisory-db/issues/29>
 2018-09-01 08:38:46 -07:00
Tony Arcieri
dba1030450 Merge pull request #57 from RustSec/RUSTSEC-2018-9999-abandon-advisories-toml 
RUSTSEC-2018-9999: cargo-audit meta advisory for <0.3
 2018-08-25 08:22:57 -07:00
Tony Arcieri
5bc9be8a5f RUSTSEC-2018-9999: cargo-audit meta advisory for <0.3 
Adds a "meta advisory" only to Advisories.toml noting that
`Advisories.toml` will be deleted on September 1st, 2018.

Versions of cargo-audit >= 0.3 will never see this, because they do not
parse Advisories.toml but instead read the individual advisory files for
each crate.

See:

https://github.com/RustSec/advisory-db/issues/29
 2018-08-25 08:04:47 -07:00
Tony Arcieri
91faf10576 Merge pull request #56 from RustSec/fix-contributing-template-link 
CONTRIBUTING.md: Fix link to template
 2018-08-25 07:43:01 -07:00
Tony Arcieri
a5666efee1 CONTRIBUTING.md: Fix link to template 
The anchor changed slightly
 2018-08-25 07:36:28 -07:00
Tony Arcieri
640b577a2a Merge pull request #55 from RustSec/RUSTSEC-2018-0004 
Assign RUSTSEC-2018-0004 to claxon
 2018-08-25 07:17:13 -07:00
Tony Arcieri
575dc9a705 Assign RUSTSEC-2018-0004 to claxon 
Original PR:

https://github.com/RustSec/advisory-db/pull/54
 2018-08-25 07:11:55 -07:00
Tony Arcieri
449223b761 Merge pull request #54 from ruuda/claxon 
Add advisory for Claxon 0.3.2 and 0.4.1
 2018-08-25 07:05:15 -07:00
Ruud van Asseldonk
a79e12f482 Add advisory for Claxon 0.3.2 and 0.4.1 2018-08-25 12:36:22 +02:00
Tony Arcieri
bbfce11be0 Merge pull request #53 from RustSec/document-affected-arch-and-affected-os 
README.md: Documented `affected_arch` and `affected_os`
 2018-07-26 21:17:39 -07:00
Tony Arcieri
03eebdf3d2 README.md: Reorder advisory example 2018-07-26 21:10:29 -07:00
Tony Arcieri
1296249cfb RUSTSEC-2016-0002.toml: use 'affected_os' attribute 
Replaces the 'affected_platforms' attribute in rustsec v0.9.
 2018-07-26 21:02:15 -07:00
Tony Arcieri
4efb940080 README.md: Documented affected_arch and affected_os 
These are new attributes as of `rustsec` crate v0.9.0 which use enums
from the `platforms` crate to represent CPU architectures and operating
systems.

This replaces the previous `affected_platforms` attribute (only used in
one advisory)
 2018-07-26 21:00:11 -07:00
Tony Arcieri
2f2af6807c Merge pull request #52 from RustSec/rustsec-0-9 
Upgrade to "rustsec" crate v0.9.0
 2018-07-26 20:47:41 -07:00
Tony Arcieri
7d9d0973cc Upgrade to "rustsec" crate v0.9.0 2018-07-26 20:42:51 -07:00
Tony Arcieri
31502e1ce6 Merge pull request #51 from RustSec/add-new-advisories-to-advisories-toml 
Advisories.toml: Add RUSTSEC-2016-0001 and RUSTSEC-2016-0002
 2018-07-24 16:55:11 -07:00
Tony Arcieri
32103ed82b Advisories.toml: Add RUSTSEC-2016-0001 and RUSTSEC-2016-0002 
Adds the newly merged (but oldest chronological!) advisories into
the `Advisories.toml` file (which can go away pending #29)
 2018-07-24 16:49:01 -07:00
Tony Arcieri
773685e2fb Merge pull request #50 from RustSec/keywords 
Keywords
 2018-07-24 16:07:10 -07:00
Tony Arcieri
2d9a2632a7 Keywords 
Documents the new `keywords` attribute and adds keywords to all current
advisories. These can be consumed by the web UI.
 2018-07-24 16:02:35 -07:00
Tony Arcieri
ac0e00251b Merge pull request #49 from RustSec/affected-platforms 
Affected Platforms
 2018-07-24 15:58:57 -07:00
Tony Arcieri
2632340526 Affected Platforms 
Documents the use of the `affected_platforms` attribute in advisories,
and adds it to a relevant advisory.
 2018-07-24 15:53:43 -07:00
Tony Arcieri
20d789b68d Merge pull request #48 from RustSec/cleanups 
Documentation cleanups
 2018-07-24 15:42:18 -07:00
Tony Arcieri
ad872b63b2 README.md: Move title/description up in advisory example 2018-07-24 15:36:23 -07:00
Tony Arcieri
0a4f0ee960 CONTRIBUTING.md: Fix link 2018-07-24 15:35:07 -07:00
Tony Arcieri
085b3a4eb6 Merge pull request #47 from RustSec/rustsec-0-8 
Upgrade to rustsec 0.8
 2018-07-24 15:34:04 -07:00
Tony Arcieri
f7e514c0c8 Upgrade to rustsec 0.8 
Adds support for `affected_platforms` and `keywords` attributes on
security advisories.
 2018-07-24 15:28:57 -07:00