OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
410 Commits 1 Branch 0 Tags
d96db2b3d6fa4b3cc44ca184919c0291eb46074e
Commit Graph

178 Commits

Author SHA1 Message Date
Tony Arcieri
6d0db7286e Add advisory for broken blake2 impls 
BLAKE2b and BLAKE2s were implemented using the wrong block size. All
versions of the `blake2` crate prior to v0.8.1 compute incorrect
digests.

See: https://github.com/RustCrypto/MACs/issues/19
 2019-09-06 10:46:06 -07:00
Tony Arcieri
c80288298b Assign RUSTSEC-2019-0018 to renderdoc 
Original PR: https://github.com/RustSec/advisory-db/pull/147
 2019-09-02 19:40:31 -07:00
Eyal Kalderon
a17b8a3693 Remove unnecessary affected_os key 2019-09-03 10:30:29 +08:00
Eyal Kalderon
64a69616a4 Add advisory for renderdoc < 0.5.0 2019-09-02 14:05:48 +08:00
Tony Arcieri
8ecff7460f Assign RUSTSEC-2019-0017 to once_cell 
Original PR: https://github.com/RustSec/advisory-db/pull/143
 2019-09-01 13:29:40 -07:00
Aleksey Kladov
84eb2025f9 add advisory for once_cell (#143) 2019-09-01 13:27:30 -07:00
Tony Arcieri
5b742bbc54 Assign RUSTSEC-2019-0016 to chttp 
Original PR: https://github.com/RustSec/advisory-db/pull/139
 2019-09-01 13:06:15 -07:00
Tony Arcieri
8ed9e62129 Merge branch 'master' into sagebind-patch-1 2019-09-01 12:56:31 -07:00
Tony Arcieri
603012cd96 Assign RUSTSEC-2019-0015 to compact_arena 
Original PR: https://github.com/RustSec/advisory-db/pull/137
 2019-09-01 12:46:55 -07:00
Tony Arcieri
c21ebf3341 Assign RUSTSEC-2019-0014 to image 
Original PR: https://github.com/RustSec/advisory-db/pull/135
 2019-09-01 12:37:49 -07:00
Stephen M. Coakley
439853f667 Create RUSTSEC-0000-0000.toml 2019-09-01 13:45:03 -05:00
llogiq
7b363b785a add out-of-bounds memory access in compact_arena < 0.4.0 (#137) 2019-09-01 10:54:20 -07:00
HeroicKatora
c8c41f939a Add hdr decoder use-after-free advisory (#135) 2019-09-01 10:46:14 -07:00
Tony Arcieri
44dc01298e Assign RUSTSEC-2019-0013 to spin 
Original PR: https://github.com/RustSec/advisory-db/pull/132
 2019-08-28 10:11:01 -07:00
Matt Taylor
5568479c48 Clarify that users of Once are not affected 2019-08-28 06:37:10 +01:00
Matt Taylor
3c55761403 Report vulnerability in spin crate's RwLock impl 2019-08-27 20:09:09 +01:00
Ralf Jung
9ec1ad0a9c typo 2019-07-20 13:45:36 +02:00
Ralf Jung
7e3423c7ec actually memoffset also had an uninit-drop vuln, and that affects all versions ever published 2019-07-20 12:56:59 +02:00
Tony Arcieri
3a175b7b37 Assign RUSTSEC-2019-0012 to smallvec 
Original PR: https://github.com/RustSec/advisory-db/pull/127/
 2019-07-19 14:12:22 -07:00
Sergey "Shnatsel" Davidoff
150700481b Update RUSTSEC-0000-0000.toml 2019-07-19 21:45:40 +02:00
Sergey "Shnatsel" Davidoff
3b810f1c13 Add advisory for smallvec issue #149 2019-07-19 21:35:39 +02:00
Tony Arcieri
4d673eedf4 Assign RUSTSEC-2019-0011 to memoffset 
Original PR: https://github.com/RustSec/advisory-db/pull/124
 2019-07-17 09:50:31 -07:00
Ralf Jung
148b3d2dd0 add memoffset issue 2019-07-16 15:51:12 +02:00
Tony Arcieri
8b88d66355 Assign RUSTSEC-2019-0010 to libflate 
Original PR: https://github.com/RustSec/advisory-db/pull/122
 2019-07-07 11:25:05 -07:00
Sergey "Shnatsel" Davidoff
ab8ae78368 Merge branch 'master' into libflate-advisory 2019-07-07 18:45:59 +02:00
Sergey "Shnatsel" Davidoff
5eacb752b4 improve summary 2019-07-07 18:45:21 +02:00
Sergey "Shnatsel" Davidoff
6714149494 Add advisory for libflate 2019-07-07 18:43:49 +02:00
Tony Arcieri
985c55342a RUSTSEC-2019-0008: fix link to disclosure PR 2019-07-03 07:37:05 -07:00
Tony Arcieri
a20910b79f Assign RUSTSEC-2019-0009 to smallvec 
Original PR: https://github.com/RustSec/advisory-db/pull/119
 2019-07-03 06:57:06 -07:00
Sergey "Shnatsel" Davidoff
2cbddfd81d Drop comments from new smallvec advisory 2019-07-02 22:55:15 +02:00
Sergey "Shnatsel" Davidoff
7af1eac5b1 Rename tentative advisory to please CI 2019-06-30 20:11:34 +02:00
Sergey "Shnatsel" Davidoff
144eb01eef Add advisory for SmallVec issues #148 2019-06-30 20:04:20 +02:00
Tony Arcieri
f0a801979c Assign RUSTSEC-2019-0008 to simd-json 
Original PR: https://github.com/RustSec/advisory-db/pull/116
 2019-06-24 13:20:43 -07:00
Heinz N. Gies
8134840ade Remove comments and fix spelling 2019-06-24 21:11:55 +02:00
Heinz N. Gies
f65960fb51 Add advisory for segfault bug in simd-json.rs 2019-06-24 21:11:55 +02:00
Tony Arcieri
602f9252e1 Assign RUSTSEC-2019-0007 to asn1_der 
Original PR: https://github.com/RustSec/advisory-db/pull/113
 2019-06-24 09:48:05 -07:00
Tony Arcieri
67edcf34e4 Merge branch 'master' into master 2019-06-24 09:32:01 -07:00
c74d
63fbe9df35 RUSTSEC-2019-0006: Use -0005's format vuln wording 
As filed, advisory RUSTSEC-2019-0006 simply notes that certain
functions in the covered crate create a "format vulnerability". This
patch, following up on [an exchange of comments on GitHub][1], edits
advisory RUSTSEC-2019-0006 to summarize the risk introduced by a
format vulnerability, copying the wording of the associated advisory
RUSTSEC-2019-0005.

[1]: <https://github.com/RustSec/advisory-db/pull/107#pullrequestreview-250212575>
 2019-06-23 00:41:31 +00:00
KizzyCode
2bc9806042 Removed comments 2019-06-22 00:17:25 +02:00
KizzyCode
6117c44711 Removed erroneous unaffected versions 2019-06-22 00:05:04 +02:00
KizzyCode
90d22af332 Create RUSTSEC-0000-0000.toml 
Added vulnerability TOML for https://github.com/KizzyCode/asn1_der/issues/1
 2019-06-21 23:54:40 +02:00
Tony Arcieri
047a068ba7 Reassign ncurses vuln from RUSTSEC-2019-0004 => 0006 
RUSTSEC-2019-0004 is already assigned to a `libp2p-core` vulnerability.

Apparently we don't have tests to catch this? Unfortunate.
 2019-06-18 09:51:54 -07:00
Tony Arcieri
c4397fd8dc Assign RUSTSEC-2019-0005 to pancurses 
Original PR: https://github.com/RustSec/advisory-db/pull/108
 2019-06-18 09:28:49 -07:00
Tony Arcieri
759a11fa8c Assign RUSTSEC-2019-0004 to ncurses 
Original PR: https://github.com/RustSec/advisory-db/pull/107
 2019-06-18 09:27:56 -07:00
Tony Arcieri
5522c6c9b9 Merge branch 'master' into curses-funcs 2019-06-18 09:13:44 -07:00
Thom Chiovoloni
7e9fe78ade Add advisory for pancurses 2019-06-15 13:15:48 -07:00
Thom Chiovoloni
5466d5badf Add advisory for ncurses 2019-06-15 13:14:05 -07:00
Tony Arcieri
300f36a20d Assign RUSTSEC-2016-0003 to portaudio 
Original PR: https://github.com/RustSec/advisory-db/pull/104
 2019-06-06 17:34:55 -07:00
Jake McGinty
56350b2803 [portaudio] add build script RCE 2019-06-06 16:56:12 +09:00
Andronik Ordian
49bae94718 [protobuf] fix patched versions 2019-05-20 15:45:47 +02:00