OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-06 19:49:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,796 Commits 1 Branch 0 Tags
fe7b79e8ebf9ad03660e573e0c2a1ed4e80dee5d
Commit Graph

5 Commits

Author SHA1 Message Date
Tony Arcieri
36705ccc1d RUSTSEC-2020-0159: remove "withdrawn" (#1310) 
Now that there's an actionable fix, we should encourage people to upgrade
 2022-08-04 13:52:46 -06:00
Tony Arcieri
6f3502cf6d RUSTSEC-2020-0159 (chrono): add patched version (#1306) 
The 0.4.20 release of `chrono` includes a pure-Rust replacement for
`localtime_r` which eliminates this issue.
 2022-08-04 10:20:07 -06:00
Tony Arcieri
ca1383b258 Withdraw RUSTSEC-2020-0159: unsound localtime_r call in chrono (#1241) 
Per rustsec/advisory-db#1190, it would be good to move to a policy where
we don't file advisories against crates which perform unsynchronized
reads from the process environment, and instead focus only on crates
which modify the process environment in an unsynchronized manner.
 2022-05-12 09:45:54 -06:00
github-actions[bot]
9823491277 Assigned RUSTSEC-2020-0159 to chrono (#1083) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-10-18 10:19:09 -06:00
Tony Arcieri
1d8c7e1f15 Add chrono advisory for chrono#499 (localtime_r) (#1082) 
This is an advisory similar to `RUSTSEC-2020-0071` impacting usages of
`localtime_r` within `chrono` itself, since the API is used in a
cross-thread manner in an unsound way.
 2021-10-18 10:13:47 -06:00