OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,105 Commits 1 Branch 0 Tags
cdf5a460d8d2af14db5e368c28dfbbc6a34b17cb
Commit Graph

1105 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Shnatsel
cdf5a460d8 Assigned RUSTSEC-2021-0016 to ms3d 2021-01-31 00:46:34 +00:00
Sergey "Shnatsel" Davidoff
1640747e83 Merge pull request #723 from JOE1994/0112-ms3d 
ms3d: `IoReader::read()`: user-provided `Read` on uninitialized buffer may cause UB
 2021-01-31 01:46:02 +01:00
JOE1994
91edd1b4e5 Report 0112-ms3d to RustSec 2021-01-30 19:40:14 -05:00
Lucas Fernandes Nogueira
18000b07d4 chore(tiny_http): RUSTSEC 2020-0031 patched on 0.8.0 (#721) 2021-01-30 18:50:32 -05:00
Sergey "Shnatsel" Davidoff
faa37a1c37 Merge pull request #719 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0140 to model
 2021-01-30 19:56:21 +01:00
Shnatsel
4fe084f570 Assigned RUSTSEC-2020-0140 to model 2021-01-30 18:50:57 +00:00
Sergey "Shnatsel" Davidoff
9d2ef2976c Merge pull request #578 from Qwaz/0034-model 
model: `Shared` can cause a data race
 2021-01-30 19:50:28 +01:00
Sergey "Shnatsel" Davidoff
7f39bb2e30 Merge pull request #717 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0139 to dces
 2021-01-30 19:43:35 +01:00
Shnatsel
4cf1793805 Assigned RUSTSEC-2020-0139 to dces 2021-01-30 18:42:52 +00:00
Sergey "Shnatsel" Davidoff
5b0899c27c Merge pull request #590 from ammaraskar/dces 
Add advisory for data race in dces
 2021-01-30 19:42:20 +01:00
Sergey "Shnatsel" Davidoff
95c9745ff1 Merge pull request #715 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0136 to toolshed, RUSTSEC-2021-0015 to calamine, RUSTSEC-2020-0137 to lever, RUSTSEC-2020-0138 to lexer
 2021-01-30 19:23:57 +01:00
Shnatsel
c86c580d8c Assigned RUSTSEC-2020-0136 to toolshed, RUSTSEC-2021-0015 to calamine, RUSTSEC-2020-0137 to lever, RUSTSEC-2020-0138 to lexer 2021-01-30 18:22:48 +00:00
Sergey "Shnatsel" Davidoff
c005d5b38a Merge pull request #589 from ammaraskar/lever 
Add advisory for data race in lever
 2021-01-30 19:22:11 +01:00
Sergey "Shnatsel" Davidoff
ba36f96be6 Merge pull request #591 from ammaraskar/toolshed 
Add advisory for data race in toolshed
 2021-01-30 19:20:44 +01:00
Sergey "Shnatsel" Davidoff
a51e8a6dfc Merge pull request #594 from JOE1994/calamine 
calamine: access unclaimed/uninitialized memory
 2021-01-30 19:20:21 +01:00
Sergey "Shnatsel" Davidoff
d791cc4bc5 Merge pull request #595 from JOE1994/lexer 
data race in lexer::ReaderResult<T, E>
 2021-01-30 19:19:56 +01:00
Sergey "Shnatsel" Davidoff
8013cb8831 Merge pull request #713 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0133 to scottqueue, RUSTSEC-2020-0134 to parc, RUSTSEC-2020-0135 to slock
 2021-01-30 19:17:37 +01:00
Shnatsel
e2ee9c8951 Assigned RUSTSEC-2020-0133 to scottqueue, RUSTSEC-2020-0134 to parc, RUSTSEC-2020-0135 to slock 2021-01-30 18:16:30 +00:00
Sergey "Shnatsel" Davidoff
9668bab553 Merge pull request #650 from JOE1994/0038-parc 
`LockWeak<T>` allows to create data race to `T`
 2021-01-30 19:16:00 +01:00
Sergey "Shnatsel" Davidoff
bf315a19e5 Merge pull request #651 from JOE1994/0043-scottqueue 
scottqueue: Queue<T> should have a Send bound on its Send/Sync traits
 2021-01-30 19:15:35 +01:00
Sergey "Shnatsel" Davidoff
fa635de910 Merge pull request #652 from JOE1994/0049-slock 
slock: Slock<T> allows sending non-Send types across thread boundaries
 2021-01-30 19:15:16 +01:00
Sergey "Shnatsel" Davidoff
dc73f9d1c7 Merge pull request #711 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0130 to bunch, RUSTSEC-2020-0131 to rcu_cell, RUSTSEC-2020-0132 to array-tools
 2021-01-30 19:13:59 +01:00
Shnatsel
4b81ce92df Assigned RUSTSEC-2020-0130 to bunch, RUSTSEC-2020-0131 to rcu_cell, RUSTSEC-2020-0132 to array-tools 2021-01-30 18:13:16 +00:00
Sergey "Shnatsel" Davidoff
af57cca99e Merge pull request #665 from JOE1994/0083-array-tools 
array-tools: `FixedCapacityDequeLike::clone()` can cause dropping uninitialized memory
 2021-01-30 19:12:48 +01:00
Sergey "Shnatsel" Davidoff
672db61041 Merge pull request #691 from JOE1994/0036-bunch 
bunch: Bunch<T> unconditionally implements Send/Sync, allowing data races
 2021-01-30 19:11:27 +01:00
Sergey "Shnatsel" Davidoff
cef67eb321 Merge pull request #692 from JOE1994/0039-rcu_cell 
rcu_cell: Send/Sync bound needed on T  for Send/Sync impl of RcuCell<T>
 2021-01-30 19:11:05 +01:00
Sergey "Shnatsel" Davidoff
7a1e834f10 Merge pull request #709 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0124 to async-coap, RUSTSEC-2020-0125 to convec, RUSTSEC-2020-0126 to signal-simple, RUSTSEC-2020-0127 to v9, RUSTSEC-2020-0128 to cache, RUSTSEC-2020-0129 to kekbit
 2021-01-30 19:07:48 +01:00
Shnatsel
d874d3d054 Assigned RUSTSEC-2020-0124 to async-coap, RUSTSEC-2020-0125 to convec, RUSTSEC-2020-0126 to signal-simple, RUSTSEC-2020-0127 to v9, RUSTSEC-2020-0128 to cache, RUSTSEC-2020-0129 to kekbit 2021-01-30 18:07:13 +00:00
Sergey "Shnatsel" Davidoff
bd29fc0d7b Merge pull request #693 from JOE1994/0057-async-coap 
async-coap: ArcGuard's Send and Sync should have bounds on RC
 2021-01-30 19:06:37 +01:00
Sergey "Shnatsel" Davidoff
a0c0baf2dd Merge pull request #694 from JOE1994/0044-signal-simple 
signal-simple: SyncChannel<T> can send non-Send types to other threads
 2021-01-30 19:06:12 +01:00
Sergey "Shnatsel" Davidoff
65da9c554e Merge pull request #704 from JOE1994/0030-cache 
Cache<K>: Send/Sync impls needs trait bounds on `K`
 2021-01-30 19:05:45 +01:00
Sergey "Shnatsel" Davidoff
a51d26eb1e Merge pull request #705 from JOE1994/0023-convec 
convec::ConVec<T> unconditionally implements Send/Sync
 2021-01-30 19:05:27 +01:00
Sergey "Shnatsel" Davidoff
c73804f60f Merge pull request #706 from JOE1994/0066-kekbit 
kekbit: ShmWriter allows sending non-Send type across threads
 2021-01-30 19:05:02 +01:00
Sergey "Shnatsel" Davidoff
c5d9a00ed6 Merge pull request #707 from JOE1994/0065-v9 
v9: SyncRef's clone() and debug() allow data races
 2021-01-30 19:04:45 +01:00
JOE1994
1dfb30f0d3 Report 0065-v9 to RustSec 2021-01-27 12:26:52 -05:00
JOE1994
1446b62471 Report 0066-kekbit to RustSec 2021-01-27 12:11:22 -05:00
JOE1994
b43a461988 Report 0023-convec to RustSec 2021-01-27 11:59:47 -05:00
JOE1994
913a847d34 Report 0030-cache to RustSec 2021-01-27 11:48:06 -05:00
Sergey "Shnatsel" Davidoff
d663790b8c Merge pull request #703 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0123 to libp2p-deflate
 2021-01-27 17:06:14 +01:00
Shnatsel
01c694c922 Assigned RUSTSEC-2020-0123 to libp2p-deflate 2021-01-27 16:03:41 +00:00
Sergey "Shnatsel" Davidoff
10062201a1 Merge pull request #700 from JOE1994/0110-libp2p-deflate 
libp2p-deflate: Undefined data exposed in DeflateOutput's AsyncRead implementation
 2021-01-27 17:03:04 +01:00
Sergey "Shnatsel" Davidoff
f48660ee6c Merge pull request #701 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0014 to marc
 2021-01-27 17:02:57 +01:00
Sergey "Shnatsel" Davidoff
0788bf440f reword title 2021-01-27 17:02:15 +01:00
Shnatsel
4ee140687f Assigned RUSTSEC-2021-0014 to marc 2021-01-27 16:01:52 +00:00
Sergey "Shnatsel" Davidoff
5f1f4ed3c2 Merge pull request #699 from JOE1994/0113-marc 
marc: Record::read : Custom `Read` on uninitialized buffer may cause UB
 2021-01-27 17:01:14 +01:00
JOE1994
868651a1c2 Report 0110-libp2p-deflate to RustSec 2021-01-27 10:46:49 -05:00
JOE1994
8c9978e15d Report 0113-marc to RustSec 2021-01-27 10:31:15 -05:00
github-actions[bot]
39a88f9c63 Assigned RUSTSEC-2020-0122 to beef (#697) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-01-26 20:24:29 -05:00
Youngsuk Kim
8f6dc8608a beef: beef::Cow lacks a Sync bound on its Send trait allowing for data races (#696) 2021-01-26 17:21:19 -08:00
Tony Arcieri
049df72e54 Bump rustsec-admin to v0.3.4 (#695) 2021-01-26 12:50:49 -08:00