mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
200651cff2
I believe these two vulnerabilities were patched at 0.1.20. For RUSTSEC-2019-0033: The advisory links to the bug: https://github.com/hyperium/http/issues/352 In that bug, the fixing PR was https://github.com/hyperium/http/pull/360 That PR merged the commit 81ceb61 to fix the bug; that commit, according to GitHub, was first picked up by tag v0.1.20 ([commit][1]). [1]:81ceb611cfFor RUSTSEC-2019-0034: This advisory is two separate GitHub issues against `HeaderMap::drain`, http #354 and http #355. For the first: the issue: https://github.com/hyperium/http/issues/354 In that bug, the fixing PR was https://github.com/hyperium/http/pull/357 That PR merged the commit 82d53db to fix the bug; that commit, according to GitHub, was first picked up by tag v0.1.20 ([commit][2]). [2]:82d53dbdfdFor the second: the issue: https://github.com/hyperium/http/issues/355 In that bug, the fixing PR was https://github.com/hyperium/http/pull/362 That PR merged the commit 8ffe094 to fix the bug; that commit, according to GitHub, was first picked up by tag v0.1.20 ([commit][3]). [3]:8ffe094df1
21 lines
758 B
TOML
21 lines
758 B
TOML
[advisory]
|
|
id = "RUSTSEC-2019-0034"
|
|
package = "http"
|
|
date = "2019-11-16"
|
|
title = "HeaderMap::Drain API is unsound"
|
|
description = """
|
|
Affected versions of this crate incorrectly used raw pointer,
|
|
which introduced unsoundness in its public safe API.
|
|
|
|
[Failing to drop the Drain struct causes double-free](https://github.com/hyperium/http/issues/354),
|
|
and [it is possible to violate Rust's alias rule and cause data race with Drain's Iterator implementation](https://github.com/hyperium/http/issues/355).
|
|
|
|
The flaw was corrected in 0.1.20 release of `http` crate.
|
|
"""
|
|
patched_versions = [">= 0.1.20"]
|
|
categories = ["memory-corruption"]
|
|
keywords = ["memory-safety", "double-free", "unsound"]
|
|
|
|
[affected.functions]
|
|
"http::header::HeaderMap::drain" = ["< 0.1.20"]
|