OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,161 Commits 1 Branch 0 Tags
cb9432ef2adc2cdeae9dfbe9ae0ffe4a4ed8b7e2
Commit Graph

700 Commits

Author SHA1 Message Date
Shnatsel
be43bc8c83 Assigned RUSTSEC-2021-0022 to yottadb 2021-02-15 01:03:11 +00:00
Sergey "Shnatsel" Davidoff
102fad06fd Merge pull request #769 from jyn514/ydbrust 
Add use-after-free advisory for `yottadb 1.1.0` and earlier
 2021-02-15 02:02:47 +01:00
Joshua Nelson
8b0681777f Add use-after-free advisory for yottadb 1.1.0 and earlier 
Note that this does not have an `informational = "unsound"` field
because the use-after-free can occur even with normal use of the
library, not with specially crafted or malicious usages.
 2021-02-14 19:56:22 -05:00
Shnatsel
18b2916a5d Assigned RUSTSEC-2021-0021 to nb-connect 2021-02-14 15:42:50 +00:00
Sergey "Shnatsel" Davidoff
4f422c4e50 Merge pull request #765 from faern/nb-connect-socketaddr 
Add advisory on nb-connect SocketAddr casting
 2021-02-14 16:42:23 +01:00
Kornel
d0689e3724 Fixed sized-chunks 2021-02-14 12:08:19 +00:00
Linus Färnstrand
2b29694072 Add advisory on nb-connect SocketAddr casting 2021-02-14 12:09:55 +01:00
github-actions[bot]
0283f676ac Assigned RUSTSEC-2020-0144 to lzw (#761) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-02-10 10:27:15 -08:00
HeroicKatora
fb29bc7093 lzw: Unmaintained (#760) 2021-02-10 10:25:38 -08:00
Shnatsel
4467b1f895 Assigned RUSTSEC-2021-0020 to hyper 2021-02-05 23:03:32 +00:00
Sean McArthur
c55cf597e8 Add hyper wrong transfer-encoding advisory 2021-02-05 14:57:30 -08:00
ab-cgh
24aaac905f Add advisory URL to RUSTSEC-2021-0019 (#756) 
Co-authored-by: ABGH, C <>
 2021-02-05 12:01:59 -08:00
Shnatsel
7cc4f4cb71 Assigned RUSTSEC-2021-0019 to xcb 2021-02-04 20:04:16 +00:00
Sergey "Shnatsel" Davidoff
2253445a08 Update RUSTSEC-0000-0000.md 2021-02-04 20:54:11 +01:00
Uli Schlachter
f2c5747e9f Report various rust-xcb issues to RustSec 
Closes: https://github.com/RustSec/advisory-db/issues/653
 2021-02-04 19:40:03 +01:00
Shnatsel
11a7ea188a Assigned RUSTSEC-2021-0018 to qwutils 2021-02-04 17:20:22 +00:00
Ammar Askar
81081c1c77 Add advisory for double-free in qwutils 2021-02-04 09:17:53 -08:00
Shnatsel
ace29ae4c1 Assigned RUSTSEC-2020-0143 to multiqueue 2021-02-04 13:37:11 +00:00
JOE1994
00001473c7 Report 0125-multiqueue to RustSec 2021-02-03 22:01:53 -05:00
Yechan Bae
f898b07b9a Update date field 2021-02-03 11:45:30 -05:00
Johann Tuffe
93e896d0d0 add patched version for calamine 2021-02-03 21:48:31 +08:00
Shnatsel
f60715bfd3 Assigned RUSTSEC-2020-0142 to syncpool 2021-02-02 17:07:44 +00:00
Sergey "Shnatsel" Davidoff
dff8798e3f Merge pull request #654 from JOE1994/0051-syncpool 
syncpool: Send bound needed on T (for Send impl of `Bucket2`)
 2021-02-02 18:06:03 +01:00
Sergey "Shnatsel" Davidoff
8c2bbad5cb add patched version 2021-02-02 18:05:12 +01:00
Shnatsel
ffe5e3d69d Assigned RUSTSEC-2020-0141 to noise_search 2021-02-01 13:58:53 +00:00
Sergey "Shnatsel" Davidoff
e9012b0ead Merge pull request #731 from JOE1994/0060-noise_search 
noise_search: `MvccRwLock` allows data races & aliasing violations
 2021-02-01 14:58:19 +01:00
o0Ignition0o
61042bf517 Lever 0.1.1 patch 2021-02-01 12:57:26 +01:00
Youngsuk Kim
7ef8c3d234 Update advisory for 'noise_search' crate 2021-01-31 23:24:23 -05:00
JOE1994
313915b6c1 Report 0060-noise_search to RustSec 2021-01-31 23:19:36 -05:00
Shnatsel
1417344471 Assigned RUSTSEC-2021-0017 to postscript 2021-01-31 14:30:08 +00:00
JOE1994
6f17443c22 Report 0118-postscript to RustSec 2021-01-31 09:28:41 -05:00
Yechan Bae
a19397dee4 Add thread-safety category to relevant bugs 2021-01-30 23:02:50 -05:00
Shnatsel
cdf5a460d8 Assigned RUSTSEC-2021-0016 to ms3d 2021-01-31 00:46:34 +00:00
JOE1994
91edd1b4e5 Report 0112-ms3d to RustSec 2021-01-30 19:40:14 -05:00
Lucas Fernandes Nogueira
18000b07d4 chore(tiny_http): RUSTSEC 2020-0031 patched on 0.8.0 (#721) 2021-01-30 18:50:32 -05:00
Shnatsel
4fe084f570 Assigned RUSTSEC-2020-0140 to model 2021-01-30 18:50:57 +00:00
Sergey "Shnatsel" Davidoff
9d2ef2976c Merge pull request #578 from Qwaz/0034-model 
model: `Shared` can cause a data race
 2021-01-30 19:50:28 +01:00
Shnatsel
4cf1793805 Assigned RUSTSEC-2020-0139 to dces 2021-01-30 18:42:52 +00:00
Sergey "Shnatsel" Davidoff
5b0899c27c Merge pull request #590 from ammaraskar/dces 
Add advisory for data race in dces
 2021-01-30 19:42:20 +01:00
Shnatsel
c86c580d8c Assigned RUSTSEC-2020-0136 to toolshed, RUSTSEC-2021-0015 to calamine, RUSTSEC-2020-0137 to lever, RUSTSEC-2020-0138 to lexer 2021-01-30 18:22:48 +00:00
Sergey "Shnatsel" Davidoff
c005d5b38a Merge pull request #589 from ammaraskar/lever 
Add advisory for data race in lever
 2021-01-30 19:22:11 +01:00
Sergey "Shnatsel" Davidoff
ba36f96be6 Merge pull request #591 from ammaraskar/toolshed 
Add advisory for data race in toolshed
 2021-01-30 19:20:44 +01:00
Sergey "Shnatsel" Davidoff
a51e8a6dfc Merge pull request #594 from JOE1994/calamine 
calamine: access unclaimed/uninitialized memory
 2021-01-30 19:20:21 +01:00
Sergey "Shnatsel" Davidoff
d791cc4bc5 Merge pull request #595 from JOE1994/lexer 
data race in lexer::ReaderResult<T, E>
 2021-01-30 19:19:56 +01:00
Shnatsel
e2ee9c8951 Assigned RUSTSEC-2020-0133 to scottqueue, RUSTSEC-2020-0134 to parc, RUSTSEC-2020-0135 to slock 2021-01-30 18:16:30 +00:00
Sergey "Shnatsel" Davidoff
9668bab553 Merge pull request #650 from JOE1994/0038-parc 
`LockWeak<T>` allows to create data race to `T`
 2021-01-30 19:16:00 +01:00
Sergey "Shnatsel" Davidoff
bf315a19e5 Merge pull request #651 from JOE1994/0043-scottqueue 
scottqueue: Queue<T> should have a Send bound on its Send/Sync traits
 2021-01-30 19:15:35 +01:00
Sergey "Shnatsel" Davidoff
fa635de910 Merge pull request #652 from JOE1994/0049-slock 
slock: Slock<T> allows sending non-Send types across thread boundaries
 2021-01-30 19:15:16 +01:00
Shnatsel
4b81ce92df Assigned RUSTSEC-2020-0130 to bunch, RUSTSEC-2020-0131 to rcu_cell, RUSTSEC-2020-0132 to array-tools 2021-01-30 18:13:16 +00:00
Sergey "Shnatsel" Davidoff
af57cca99e Merge pull request #665 from JOE1994/0083-array-tools 
array-tools: `FixedCapacityDequeLike::clone()` can cause dropping uninitialized memory
 2021-01-30 19:12:48 +01:00