github-actions[bot]
e4ac884b59
Assigned RUSTSEC-2022-0036 to r2d2_odbc (#1297)
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
2022-08-03 03:34:36 +10:00
pinkforest(she/her)
c568a8a3bc
Fix r2d2_odbc name (#1296)
* Fix r2d2_odbc name
2022-08-03 03:32:03 +10:00
Bruno Bigras
d8e134f108
Add unmaintained advisory for r2d2-odbc (#1150)
fix #1097
2022-08-03 03:14:56 +10:00
github-actions[bot]
6a31ac7433
Assigned RUSTSEC-2020-0163 to term_size (#1295)
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
2022-08-03 00:03:23 +10:00
LingMan
b0fc002bcd
Add unmaintained advisory for term_size (#1275)
2022-08-03 00:01:14 +10:00
Evan Richter
fdbc12eb9f
fix typo in advisory date (#1294)
2022-08-01 18:35:31 -04:00
Vitaly Shukela
f6c6cd09c9
Update CONTRIBUTING.md (#1292)
Clarify file format for creating advisory.
Explicitly mention that there should be markdown text, not just the toml.
2022-08-01 15:22:38 -04:00
github-actions[bot]
2618960a7f
Assigned RUSTSEC-2022-0035 to websocket (#1293)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-08-01 21:21:57 +02:00
Vitaly Shukela
7d36edf537
Add advisory for websocket (#1291)
* Add advisory for websocket
* Update RUSTSEC-0000-0000.md
* Add text to websocket advisory
* Add title to fix CI
Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
2022-08-01 21:19:33 +02:00
Yechan Bae
2380d517ee
Remove redundant usually (#1288)
2022-08-01 00:37:19 +02:00
Sergey "Shnatsel" Davidoff
c1ae578c27
Create MAINTAINERS_GUIDE.md (#1286)
* Create MAINTAINERS_GUIDE.md
* Clarify motivation for not making substantial edits unilaterally
2022-07-30 20:46:36 +02:00
github-actions[bot]
36df8a4efc
Assigned RUSTSEC-2022-0034 to pkcs11 (#1283)
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
2022-07-25 11:19:15 -06:00
Ionuț Mihalcea
48214447df
Add advisory for pkcs11 (#1282)
Signed-off-by: Ionut Mihalcea <ionut.mihalcea@arm.com>
2022-07-23 08:29:34 -06:00
github-actions[bot]
2718c2db84
Assigned RUSTSEC-2022-0033 to openssl-src (#1279)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-07-05 14:48:56 +02:00
Alexis Mousset
d820cf991c
Add advisory for openssl CVE-2022-2274 (#1276)
2022-07-05 14:44:40 +02:00
github-actions[bot]
1c17612a36
Assigned RUSTSEC-2022-0032 to openssl-src (#1278)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-07-05 14:44:23 +02:00
Alexis Mousset
6f8de93f84
Add advisory for openssl CVE-2022-2097 (#1277)
2022-07-05 14:33:40 +02:00
github-actions[bot]
b4ed922847
Assigned RUSTSEC-2022-0031 to rulex (#1274)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-06-26 22:01:26 +02:00
Evan Richter
d0e82ff0d7
rulex advisory for string indexing panic (#1272)
2022-06-26 21:48:57 +02:00
github-actions[bot]
03ab8e5349
Assigned RUSTSEC-2022-0030 to rulex (#1273)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-06-26 21:44:13 +02:00
Evan Richter
c188be71e2
rulex advisory for stack overflow (#1271)
2022-06-26 21:42:00 +02:00
8573
7381319981
Copyedit RUSTSEC-2021-0122 (#1269)
Apply some copyedits to the text introduced by #1268. Add a missing
comma; inflect "be" better; and use normal quotation marks rather than
backticks around the word "safe", referring to Safe Rust, as, unlike
`unsafe`, "safe" is not Rust syntax.
2022-06-25 14:06:03 +02:00
Andrew Lamb
9e0c88bd78
Clarify flatbuffers RUSTSEC-2021-0122.md (#1268)
It may be hard for non-Rust experts to understand what the implications of "is `unsafe` but not marked as such" means.
I propose adding some more supporting information.
2022-06-24 16:17:18 +02:00
Sergey "Shnatsel" Davidoff
49fb6c0b94
Revert "Fix RUSTSEC-2022-0025,26,27 openssl-src for the 111 stream (#1263)" (#1264)
This reverts commit 7cbdcd8500.
2022-06-20 14:19:49 +02:00
pinkforest(she/her)
7cbdcd8500
Fix RUSTSEC-2022-0025,26,27 openssl-src for the 111 stream (#1263)
* Fix advisory openssl-src 111 stream patched
* not a semver
* make 111 affected
2022-06-17 13:15:51 +02:00
github-actions[bot]
f10f232879
Assigned RUSTSEC-2022-0029 to crossbeam (#1261)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-06-08 01:12:13 +02:00
Sergey "Shnatsel" Davidoff
e8ef9ea980
Add patched version to im RUSTSEC-2020-0096 (#1259)
2022-06-08 01:10:26 +02:00
Ben Kimock
6a769d1d24
Report data race/memory corruption in crossbeam 0.2 (#1260)
2022-06-08 01:10:09 +02:00
Tony Arcieri
f79eb4bad9
Revert "Withdraw RUSTSEC-2020-0071: Potential segfault in the time crate (#1242)" (#1258)
This reverts commit a47cd63007.
The advisory was withdrawn based on discussions around whether read-only
environment variable access constitutes a vulnerability.
However, per the `time` crate's author @jhpratt, the crate also modifies
the environment and therefore the advisory should *not* be withdrawn:
https://github.com/rustsec/advisory-db/pull/1242#issuecomment-1144903688
2022-06-02 08:37:44 -06:00
github-actions[bot]
29281434b7
Assigned RUSTSEC-2022-0028 to neon (#1257)
Co-authored-by: alex <alex@users.noreply.github.com>
2022-05-23 16:11:11 -04:00
K.J. Valencik
b3bf55706f
Use after free in Neon externally allocated JavaScript buffers (#1256)
2022-05-23 16:05:22 -04:00
Tony Arcieri
ef71758448
README.md: maintained as of Q2 2022
2022-05-23 08:11:59 -06:00
Tony Arcieri
c1d94fd681
Bump rustsec-admin to v0.7.0 (#1255)
Release notes: https://github.com/rustsec/rustsec/pull/575
2022-05-23 07:50:54 -06:00
Ralf Jung
b4d8786707
fix hyper patched version number (#1250)
2022-05-20 13:16:20 +02:00
Alexis Mousset
0abe74330b
Fix category of RUSTSEC-2022-0025 (#1249)
2022-05-19 22:32:59 +02:00
github-actions[bot]
bdc5813f40
Assigned RUSTSEC-2022-0027 to openssl-src (#1248)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-19 19:41:25 +02:00
Alexis Mousset
c9177664c2
Add advisory for openssl CVE-2022-1343 (#1243)
2022-05-19 19:39:38 +02:00
github-actions[bot]
52b29cd771
Assigned RUSTSEC-2022-0026 to openssl-src (#1247)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-19 19:39:22 +02:00
Alexis Mousset
999edf8809
Add advisory for openssl CVE-2022-1434 (#1244)
2022-05-19 19:37:32 +02:00
github-actions[bot]
4e24c897b5
Assigned RUSTSEC-2022-0025 to openssl-src (#1246)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-19 19:37:21 +02:00
Alexis Mousset
e1e8e92e89
Add advisory for openssl CVE-2022-1473 (#1245)
2022-05-19 19:35:53 +02:00
David Knaack
a47cd63007
Withdraw RUSTSEC-2020-0071: Potential segfault in the time crate (#1242)
2022-05-13 12:27:52 -06:00
Tony Arcieri
ca1383b258
Withdraw RUSTSEC-2020-0159: unsound localtime_r call in chrono (#1241)
Per rustsec/advisory-db#1190, it would be good to move to a policy where
we don't file advisories against crates which perform unsynchronized
reads from the process environment, and instead focus only on crates
which modify the process environment in an unsynchronized manner.
2022-05-12 09:45:54 -06:00
github-actions[bot]
ba96a13792
Assigned RUSTSEC-2022-0024 to double-checked-cell (#1240)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-11 23:13:02 +02:00
Niklas Fiekas
0653c8f324
Self-report double-checked-cell as unmaintained (#1239)
2022-05-11 23:05:53 +02:00
github-actions[bot]
7b009b96f7
Assigned RUSTSEC-2022-0023 to static_type_map (#1238)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-11 21:44:11 +02:00
Malobre
30e1ac3cd5
Create RUSTSEC-0000-0000.md (#1236)
2022-05-11 21:41:08 +02:00
github-actions[bot]
eb8c788bc0
Assigned RUSTSEC-2022-0022 to hyper (#1235)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-10 20:45:40 +02:00
Ralf Jung
6b7b129aef
add hyper advisory (#1232)
2022-05-10 20:42:51 +02:00
github-actions[bot]
e78650dfe3
Assigned RUSTSEC-2022-0019 to crossbeam-channel, RUSTSEC-2022-0020 to crossbeam, RUSTSEC-2022-0021 to crossbeam-queue (#1233)
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2022-05-10 17:20:48 +02:00