OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 07:46:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,783 Commits 1 Branch 0 Tags
c83c210200de080c359cac76ea5abb9af003f4e4
Commit Graph

1783 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
c83c210200 Assigned RUSTSEC-2022-0056 to clipboard (#1425) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-09-24 21:52:27 +10:00
ComplexSpaces
c8981d883d Add unmaintained clipboard (#1267) 2022-09-24 21:51:53 +10:00
pinkforest(she/her)
a25cb0b593 Fix informational footnote wording (#1420) 
* Fix informational wording

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

* Remove redundant confusing footnote

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-09-17 19:27:06 +02:00
Nemo157
e01a455b26 Add stylish as ansi_term alternative (#1421) 2022-09-18 00:06:50 +10:00
github-actions[bot]
3a635d3a08 Assigned RUSTSEC-2022-0055 to axum-core (#1419) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-09-13 10:41:23 +10:00
David Pedersen
42bea97b0d Add axum-core DoS (#1417) 2022-09-13 10:40:55 +10:00
github-actions[bot]
57117194f0 Assigned RUSTSEC-2021-0144 to traitobject (#1415) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-09-08 21:04:41 +10:00
pinkforest(she/her)
bcf622dc10 Add unmaintained traitobject (#1390) 2022-09-08 21:04:10 +10:00
github-actions[bot]
2df5a37a35 Assigned RUSTSEC-2019-0039 to typemap (#1414) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-09-08 21:03:53 +10:00
pinkforest(she/her)
e5b2ecca37 Add unmaintained typemap (#1406) 2022-09-08 21:03:20 +10:00
github-actions[bot]
71a03d5759 Assigned RUSTSEC-2021-0143 to kamadak-exif (#1413) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-09-08 20:52:02 +10:00
pinkforest(she/her)
3834127c26 Add kamadak-exif DoS (#1411) 2022-09-08 20:51:34 +10:00
github-actions[bot]
7f6f544c39 Assigned RUSTSEC-2022-0054 to wee_alloc (#1412) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-09-08 01:38:22 +10:00
pinkforest(she/her)
61ddf2b06c Add unmaintained wee_alloc (#1400) 2022-09-08 01:37:48 +10:00
pinkforest(she/her)
b381394f14 Mention structopt advice under ansi_term (#1407) 2022-09-02 16:27:43 +10:00
pinkforest(she/her)
e891bd27b0 Add owo-colors ansi_term alternative (#1403) 
Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-09-01 00:17:30 +02:00
Alexis Mousset
5e0135f3ef Change CONTRIBUTING.md wording to make it usable outside of the repository context (#1402) 2022-08-31 14:54:31 -06:00
github-actions[bot]
2703251e71 Assigned RUSTSEC-2021-0141 to dotenv, RUSTSEC-2021-0142 to dotenv_codegen (#1398) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-31 05:40:13 +10:00
pinkforest(she/her)
e7dcb971d8 Add unmaintained dotenv & Co. (#1359) 2022-08-31 05:39:20 +10:00
github-actions[bot]
ecc129a2d4 Assigned RUSTSEC-2021-0140 to rusttype (#1397) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-31 05:01:56 +10:00
pinkforest(she/her)
7fb3fd2a29 Add unmaintained rusttype (#1388) 2022-08-31 04:36:44 +10:00
github-actions[bot]
cd616654ec Assigned RUSTSEC-2020-0165 to mozjpeg (#1396) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-31 04:35:26 +10:00
pinkforest(she/her)
cc892a6a6f Add unsound mozjpeg (#1389) 2022-08-31 04:35:03 +10:00
github-actions[bot]
f56c70041a Assigned RUSTSEC-2020-0164 to cell-project (#1395) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-31 04:33:16 +10:00
RustyYato
ad4b62d6c1 Add unsound cell-project (#1391) 2022-08-31 04:32:42 +10:00
Alexis Mousset
df51dcdf97 Remove reference mention from description (#1393) 2022-08-28 23:00:20 +02:00
Sergey "Shnatsel" Davidoff
d998cb999d bump rustsec-admin to 0.8.2 in web workflow (#1392) 2022-08-28 13:42:04 +02:00
github-actions[bot]
c4d6e937dc Assigned RUSTSEC-2022-0053 to mapr (#1387) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-27 16:03:54 +10:00
pinkforest(she/her)
49290fcb90 Add unmaintained mapr (#1382) 2022-08-27 16:03:23 +10:00
github-actions[bot]
011edf4cc6 Assigned RUSTSEC-2022-0052 to os_socketaddr (#1386) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-27 16:02:35 +10:00
a-ba
2b84c61925 Add unsoundness in os_socketaddr (#1384) 2022-08-27 16:01:53 +10:00
github-actions[bot]
e0f55ed7b5 Assigned RUSTSEC-2022-0051 to lz4-sys (#1385) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-08-26 20:18:18 +02:00
Niklas Fiekas
e0b768ba73 lz4-sys: Forward CVE-2021-3520 (#1383) 2022-08-26 20:17:00 +02:00
Volker Mische
f42031da81 Remove mapr as alternative from RUSTSEC-2020-0077 (#1381) 
With the merge of https://github.com/RazrFalcon/memmap2-rs/pull/52 into `memmap2`,
all changes from `mapr` are ported upstream. Hence `memmap2` is now the single best
alternative.
 2022-08-25 17:09:30 +10:00
Armin Ronacher
d8b50de4d4 Added console to RUSTSEC-2021-0139 (#1380) 2022-08-22 00:16:31 +02:00
github-actions[bot]
af9781a543 Assigned RUSTSEC-2021-0139 to ansi_term (#1377) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-19 18:20:44 +10:00
pinkforest(she/her)
3231714ffe Add unmaintained ansi_term (#1372) 2022-08-19 18:19:41 +10:00
github-actions[bot]
d452043dbb Assigned RUSTSEC-2022-0050 to interledger-packet (#1376) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-19 15:34:11 +10:00
pinkforest(she/her)
7e04331f1e Add unmaintained interledger (#1369) 2022-08-19 15:33:27 +10:00
dependabot[bot]
811c7c256c Bump peter-evans/create-pull-request from 3 to 4 (#1375) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:31 -06:00
dependabot[bot]
57c8f476a1 Bump actions/checkout from 2 to 3 (#1374) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:18 -06:00
dependabot[bot]
b562a37254 Bump actions/cache from 1 to 3 (#1373) 
Bumps [actions/cache](https://github.com/actions/cache) from 1 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:03 -06:00
LingMan
f3cc4cd03e Add a dependabot config (#1371) 
Dependabot will watch the workflow files in .github/workflows and
automatically file PRs if there are updates available for any of the used
Actions.
 2022-08-18 07:44:02 -06:00
pinkforest(she/her)
863d0e654f Document empty versions (#1370) 
Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-18 14:30:36 +10:00
René Kijewski
b75822a011 RUSTSEC-2022-0049: recategorize as memory-exposure (#1368) 
Because of the bug random data was read, but still written into a sane
buffer.
 2022-08-17 03:08:30 +10:00
github-actions[bot]
84997ea578 Assigned RUSTSEC-2022-0049 to iana-time-zone (#1367) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-17 02:53:54 +10:00
René Kijewski
afc10f8aa1 Use after free in MacOS / iOS implementation (#1366) 
In iana-time-zone v0.1.43 a use-after-free bug in the MacOS / iOS implementation was introduced.

The copied system time zone was released before its name was copied.
If the system time zone was changed between the call of `CFRelease()` and `str::to_owned()`,
random memory would be copied.
 2022-08-17 02:52:54 +10:00
pinkforest(she/her)
8bf0011f39 Document withdrawn (#1355) 
* Document yanked and withdrawn

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

* Yank the yanked

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-16 12:40:50 +10:00
pinkforest(she/her)
d3eccc4072 Remove yanked 2 (#1364) 
* Remove yanked 2

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

* Test cache

* Cache back on

* Bump audit cache

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-16 12:38:08 +10:00
github-actions[bot]
7b8185d1df Assigned RUSTSEC-2022-0048 to xml-rs (#1365) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-08-15 12:13:06 +10:00