mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-01-05 19:20:34 +01:00
64c17acfe3
As announced in #228, this commit migrates all advisories to the new V2 format, which splits version information into a separate section, and now has a structure which corresponds to the internal code structure of the `rustsec` crate. This is a breaking change for users of `cargo-audit` < 0.9, and anyone who has written a 3rd party advisory format parser.
28 lines
1006 B
TOML
28 lines
1006 B
TOML
[advisory]
|
|
id = "RUSTSEC-2019-0024"
|
|
package = "rustsec-example-crate"
|
|
date = "2019-10-08"
|
|
url = "https://github.com/RustSec/advisory-db/issues/158"
|
|
title = "Test advisory with associated example crate"
|
|
description = """
|
|
This is a test advisory useful for verifying RustSec tooling and vulnerability
|
|
detection pipelines are working correctly. Aside from the fact that it is filed
|
|
against an example crate, it is otherwise considered by the Advisory Database
|
|
itself to be a normal security advisory.
|
|
|
|
It's filed against `rustsec-example-crate`, an otherwise completely empty crate
|
|
with no functionality or code, which has two releases:
|
|
|
|
- [v0.0.1] - *vulnerable* according to this advisory
|
|
- [v1.0.0] - *patched* by this advisory
|
|
|
|
(Technically there is a third release, v0.0.0, which is yanked, but otherwise
|
|
identical to the v0.0.1 release)
|
|
|
|
[v0.0.1]: https://crates.io/crates/rustsec-example-crate/0.0.1
|
|
[v1.0.0]: https://crates.io/crates/rustsec-example-crate/1.0.0
|
|
"""
|
|
|
|
[versions]
|
|
patched = [">= 1.0.0"]
|