OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 15:56:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ffac5aa5f277cc58331bc879f14e498dca32e0a8
advisory-db/crates
History
Eliza Weisman 9889ed0831 Fix patched version for RUSTSEC-2020-0008 
The vulnerability description for advisory RUSTSEC-2020-0008, "Flaw in
hyper allows request smuggling by sending a body in GET requests", lists
an incorrect patched version. The advisory states that the vulnerability
was fixed in `hyper` 0.12.35, but `hyper`'s changelog [shows][1] that 
the patch (hyperium/hyper@23fc8b0) was published in 0.12.34. I believe
that this means that `cargo audit` will incorrectly report patched 
versions as vulnerable.

This PR corrects the listed version.

[1]: https://github.com/hyperium/hyper/blob/master/CHANGELOG.md#v01234-2019-09-04
2020-03-31 10:41:53 -07:00
..
ammonia
Add CVE mapping
2020-03-18 17:15:13 +01:00
arrayfire
Add CVE mapping
2020-03-18 17:15:13 +01:00
asn1_der
Add CVE mapping
2020-03-18 17:15:13 +01:00
base64
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
bitvec
Assign RUSTSEC-2020-0007 to bitvec
2020-03-30 12:45:16 -07:00
blake2
Add CVE mapping
2020-03-18 17:15:13 +01:00
bumpalo
Assign RUSTSEC-2020-0006 to bumpalo
2020-03-24 14:21:56 -07:00
cassandra
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
cbox
Assign RUSTSEC-2020-0005 to cbox
2020-03-23 09:25:44 -07:00
chacha20
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
chan
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
chttp
Add CVE mapping
2020-03-18 17:15:13 +01:00
claxon
Add CVE mapping
2020-03-18 17:15:13 +01:00
compact_arena
Add CVE mapping
2020-03-18 17:15:13 +01:00
cookie
Add CVE mapping
2020-03-18 17:15:13 +01:00
crossbeam
Add CVE mapping
2020-03-18 17:15:13 +01:00
crust
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
flatbuffers
fix: update patched version for 2019-0028
2020-03-19 15:46:22 -06:00
generator
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
http
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
hyper
Fix patched version for RUSTSEC-2020-0008
2020-03-31 10:41:53 -07:00
image
Add CVE mapping
2020-03-18 17:15:13 +01:00
libflate
Add CVE mapping
2020-03-18 17:15:13 +01:00
libp2p-core
Add CVE mapping
2020-03-18 17:15:13 +01:00
libsecp256k1
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
libusb
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
linea
Add CVE mapping
2020-03-18 17:15:13 +01:00
lucet-runtime-internals
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
memoffset
Add CVE mapping
2020-03-18 17:15:13 +01:00
ncurses
Add CVE mapping
2020-03-18 17:15:13 +01:00
once_cell
Add CVE mapping
2020-03-18 17:15:13 +01:00
openssl
Add CVE mapping
2020-03-18 17:15:13 +01:00
orion
Add CVE mapping
2020-03-18 17:15:13 +01:00
pancurses
Add CVE mapping
2020-03-18 17:15:13 +01:00
portaudio
Add CVE mapping
2020-03-18 17:15:13 +01:00
portaudio-rs
Add CVE mapping
2020-03-18 17:15:13 +01:00
prost
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
protobuf
Add CVE mapping
2020-03-18 17:15:13 +01:00
quickersort
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
renderdoc
Add CVE mapping
2020-03-18 17:15:13 +01:00
rmpv
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
rust_sodium
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
rust-crypto
RUSTSEC-2016-0005: move md-5 crate to legacy algorithms
2020-03-15 15:43:02 -07:00
rustsec-example-crate
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
safe-transmute
Add CVE mapping
2020-03-18 17:15:13 +01:00
security-framework
Add CVE mapping
2020-03-18 17:15:13 +01:00
serde_cbor
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
serde_yaml
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
simd-json
Add CVE mapping
2020-03-18 17:15:13 +01:00
slice-deque
Add CVE mapping
2020-03-18 17:15:13 +01:00
smallvec
Add CVE mapping
2020-03-18 17:15:13 +01:00
sodiumoxide
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
spin
Add CVE mapping
2020-03-18 17:15:13 +01:00
streebog
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
string-interner
Add CVE mapping
2020-03-18 17:15:13 +01:00
tar
Add CVE mapping
2020-03-18 17:15:13 +01:00
term
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
trust-dns-proto
Add CVE mapping
2020-03-18 17:15:13 +01:00
trust-dns-server
Migrate all advisories to V2 format (closes #228)
2020-03-01 10:46:35 -08:00
untrusted
Add CVE mapping
2020-03-18 17:15:13 +01:00
yaml-rust
Add CVE mapping
2020-03-18 17:15:13 +01:00