mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
5f68bbad79
* Add advisory for tokio-rs/tokio#4225 If a `tokio::sync::oneshot` channel is closed (via the [`oneshot::Receiver::close`] method), a data race may occur if the `oneshot::Sender::send` method is called while the corresponding `oneshot::Receiver` is `await`ed or calling `try_recv`. When these methods are called concurrently on a closed channel, the two halves of the channel can concurrently access a shared memory location, resulting in a data race. This has been observed to [cause memory corruption][corruption]. Note that the race only occurs when **both** halves of the channel are used after one half has called `close`. Code where `close` is not used, or where the `Receiver` is not `await`ed and `try_recv` is not called after calling `close`, is not affected. See tokio-rs/tokio#4225 for more details. This issue was patched in v1.13.1. The patch was backported to the current LTS version (v1.8.x) in release v1.8.4. * Update crates/tokio/RUSTSEC-0000-0000.md Co-authored-by: Tony Arcieri <bascule@gmail.com> * fix toml lint whoops * Update crates/tokio/RUSTSEC-0000-0000.md * Update crates/tokio/RUSTSEC-0000-0000.md Co-authored-by: Tony Arcieri <bascule@gmail.com>