Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Factory:PowerPC
cargo-audit-advisory-db
cargo-audit-advisory-db.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cargo-audit-advisory-db.changes of Package cargo-audit-advisory-db
------------------------------------------------------------------- Sat Mar 30 04:06:18 UTC 2024 - william.brown@suse.com - Update to version 20240330: * Assigned (#1924) * Add an unmaintained crate advisory for yaml-rust (#1922) * Assigned RUSTSEC-2023-0085 to hpack (#1920) * Add hpack panics (#1919) * Assigned RUSTSEC-2024-0021 to eyre, RUSTSEC-2023-0084 to hpack (#1916) * eyre: Parts of Report are dropped as the wrong type during downcast (#1918) * Add security advisory for unmaintained hpack crate (#1915) * update RUSTSEC-2024-0020 with additional information (#1913) * Assigned RUSTSEC-2024-0020 to whoami (#1912) * Add advisory for stack buffer overflow with whoami (#1911) ------------------------------------------------------------------- Tue Dec 19 02:11:18 UTC 2023 - william.brown@suse.com - Update to version 20231219: * Assigned RUSTSEC-2023-0074 to zerocopy (#1839) * zerocopy: Some Ref methods are unsound with some type params (#1837) * Update CVSS score of RUSTSEC-2023-0071 (#1838) * Assigned RUSTSEC-2023-0073 to candid (#1835) * Add advisory for candid library decoding DoS vulnerability (#1834) * RUSTSEC-2023-0071: add CVE-2023-49092 as alias (#1830) * RUSTSEC-2023-0071.md: use '###' section headers (#1829) * RUSTSEC-2023-0071: add CVSS, aliases, and new wording (#1828) * Assigned RUSTSEC-2023-0072 to openssl (#1827) * `openssl` `X509StoreRef::objects` is unsound (#1824) ------------------------------------------------------------------- Fri Oct 27 03:02:30 UTC 2023 - william.brown@suse.com - Update to version 20231027: * Assigned RUSTSEC-2023-0068 to cocoon (#1810) * cocoon: sequential calls of encryption API result in nonce reuse (<=0.3.3) (#1805) * Updating information about replacements (#1803) * Assigned RUSTSEC-2023-0067 to fehler (#1801) * fehler is unmaintained (#1800) * Assigned RUSTSEC-2023-0066 to pleaser (#1799) * Document the privilege-escalation vulnerability in pleaser. (#1798) * Update webpki RUSTSEC-2023-0052 advisory. (#1797) * Assigned RUSTSEC-2023-0065 to tungstenite (#1796) * Create advisory for tungstenite DoS (#1795) ------------------------------------------------------------------- Sat Oct 07 01:19:51 UTC 2023 - william.brown@suse.com - Update to version 20231007: * Assigned RUSTSEC-2023-0066 to pleaser (#1799) * Document the privilege-escalation vulnerability in pleaser. (#1798) * Update webpki RUSTSEC-2023-0052 advisory. (#1797) * Assigned RUSTSEC-2023-0065 to tungstenite (#1796) * Create advisory for tungstenite DoS (#1795) * Add patch version (#1794) * Update info about CVE-2023-5129 (#1793) * Bump rustsec-admin to 0.8.8 (#1791) * Assigned RUSTSEC-2023-0064 to gix-transport (#1790) * Add notice to gix-transport crate (#1789) ------------------------------------------------------------------- Thu Aug 17 23:38:35 UTC 2023 - william.brown@suse.com - Update to version 20230818: * Assigned RUSTSEC-2022-0093 to ed25519-dalek (#1745) * Add Double Public Key Signing Function Oracle Attack on `ed25519-dalek` (#1744) * Assigned RUSTSEC-2023-0049 to tui (#1740) * Add unmaintained `tui` advisory (#1739) * Update aliases from GHSA OSV export (#1734) * Assigned RUSTSEC-2023-0048 to intaglio (#1733) * Add advisory for unsoundness in intaglio symbol interners (#1732) * Assigned RUSTSEC-2023-0047 to lmdb-rs (#1730) * report unsoundness of lmdb-rs (#1724) * Fix typos (#1729) ------------------------------------------------------------------- Mon Jul 31 04:07:19 UTC 2023 - william.brown@suse.com - Update to version 20230731: * Update aliases from GHSA OSV export (#1734) * Assigned RUSTSEC-2023-0048 to intaglio (#1733) * Add advisory for unsoundness in intaglio symbol interners (#1732) * Assigned RUSTSEC-2023-0047 to lmdb-rs (#1730) * report unsoundness of lmdb-rs (#1724) * Fix typos (#1729) * Bump rustsec-admin to 0.8.6 (#1728) * Update aliases from GHSA OSV export (#1727) * Update RUSTSEC-2021-0145.md with stable IsTerminal (#1725) * Assigned RUSTSEC-2023-0046 to cyfs-base (#1723) ------------------------------------------------------------------- Tue Jul 11 00:47:33 UTC 2023 - william.brown@suse.com - Update to version 20230711: * Bump rustsec-admin to 0.8.6 (#1728) * Update aliases from GHSA OSV export (#1727) * Update RUSTSEC-2021-0145.md with stable IsTerminal (#1725) * Assigned RUSTSEC-2023-0046 to cyfs-base (#1723) * report misaligned pointer dereference in cyfs-base (#1718) * Assigned RUSTSEC-2023-0045 to memoffset (#1722) * Add advisory to `memoffset` (#1721) * Assigned RUSTSEC-2023-0044 to openssl (#1720) * Report buffer-overread in OpenSSL (#1719) * Update RUSTSEC-2023-0042 to reflect patch. (#1717) ------------------------------------------------------------------- Tue May 30 04:33:12 UTC 2023 - william.brown@suse.com - Update to version 20230530: * Suggest kuchikiki as an alternative to kuchiki (#1698) * Assigned RUSTSEC-2023-0037 to xsalsa20poly1305 (#1695) * xsalsa20poly1305 is unmaintained (#1694) * xml-rs is maintained (#1691) * Assigned RUSTSEC-2023-0036 to tree_magic (#1689) * Add unmaintained tree_magic crate (#1678) * Assigned RUSTSEC-2023-0035 to enumflags2 (#1688) * enumflags2::make_bitflags unsoundness (#1686) * Assigned RUSTSEC-2023-0034 to h2 (#1687) * Add advisory for h2: resource exhaustion vulnerability may lead to DoS (#1684) ------------------------------------------------------------------- Tue May 23 04:42:24 UTC 2023 - william.brown@suse.com - Update to version 20230523: * Assigned RUSTSEC-2023-0037 to xsalsa20poly1305 (#1695) * xsalsa20poly1305 is unmaintained (#1694) * xml-rs is maintained (#1691) * Assigned RUSTSEC-2023-0036 to tree_magic (#1689) * Add unmaintained tree_magic crate (#1678) * Assigned RUSTSEC-2023-0035 to enumflags2 (#1688) * enumflags2::make_bitflags unsoundness (#1686) * Assigned RUSTSEC-2023-0034 to h2 (#1687) * Add advisory for h2: resource exhaustion vulnerability may lead to DoS (#1684) * Fix typos in RUSTSEC-2023-0033 (#1685) ------------------------------------------------------------------- Thu Apr 13 01:00:08 UTC 2023 - william.brown@suse.com - Update to version 20230413: * Bump peter-evans/create-pull-request from 4 to 5 (#1677) * Withdraw RUSTSEC-2021-0147 (#1676) * Assigned RUSTSEC-2023-0032 to ntru (#1674) * Add unsound ntru (#1652) * Assigned RUSTSEC-2023-0031 to spin (#1673) * Added unsound `spin` (#1671) * Assigned RUSTSEC-2023-0030 to versionize (#1669) * Add advisory for versionize crate (#1662) * Assigned RUSTSEC-2023-0029 to nats (#1668) * Fix `nats` directory (#1667) ------------------------------------------------------------------- Thu Feb 23 00:12:48 UTC 2023 - william.brown@suse.com - Update to version 20230223: * Assigned RUSTSEC-2022-0090 to libsqlite3-sys (#1607) * Add sqlite advisory (#1599) * Assigned RUSTSEC-2023-0014 to cortex-m-rt (#1606) * Add soundness advisory for cortex-m-rt (#1601) * Update RUSTSEC-2020-0097.md (#1600) * Better docs (#1598) * Assigned RUSTSEC-2020-0167 to pnet_packet (#1596) * Fix some typos (#1593) * Add advisory for pnet_packet (#1595) * Update RUSTSEC-2020-0071.md (#1594) ------------------------------------------------------------------- Tue Jan 17 03:29:22 UTC 2023 - william.brown@suse.com - Update to version 20230117: * Assigned RUSTSEC-2022-0080 to parity-util-mem (#1530) * Add parity-util-mem unmaintained (#1528) * Assigned RUSTSEC-2021-0146 to twoway (#1529) * Add unmaintained `twoway` (#1435) * Assigned RUSTSEC-2022-0079 to elf_rs (#1527) * Add advisory for elf_rs crate (#1450) * Update RUSTSEC-2021-0088.md (#1512) * Assigned RUSTSEC-2022-0078 to bumpalo (#1526) * Add advisory for bumpalo Vec iterator unsoundness (#1525) * Assigned RUSTSEC-2022-0077 to claim (#1523) ------------------------------------------------------------------- Tue Nov 01 22:16:48 UTC 2022 - william.brown@suse.com - Update to version 20221102: * Assigned RUSTSEC-2022-0065 to openssl-src (#1455) * CVE-2022-3786 in openssl (#1453) * Assigned RUSTSEC-2022-0064 to openssl-src (#1454) * CVE-2022-3602 in openssl (#1452) * Assigned RUSTSEC-2022-0063 to linked_list_allocator (#1449) * Add CVE-2022-36086 for linked_list_allocator (#1448) * Assigned RUSTSEC-2022-0062 to matrix-sdk (#1445) * Add advisory for logging of access tokens in matrix-sdk (#1444) * Assigned RUSTSEC-2022-0061 to parity-wasm (#1443) * Add unmaintained `parity-wasm` (#1441) ------------------------------------------------------------------- Wed Sep 28 01:22:33 UTC 2022 - william.brown@suse.com - Update to version 20220928: * Assigned RUSTSEC-2022-0056 to clipboard (#1425) * Add unmaintained `clipboard` (#1267) * Fix informational footnote wording (#1420) * Add `stylish` as `ansi_term` alternative (#1421) * Assigned RUSTSEC-2022-0055 to axum-core (#1419) * Add `axum-core` DoS (#1417) * Assigned RUSTSEC-2021-0144 to traitobject (#1415) * Add unmaintained `traitobject` (#1390) * Assigned RUSTSEC-2019-0039 to typemap (#1414) * Add unmaintained `typemap` (#1406) ------------------------------------------------------------------- Wed May 11 01:12:29 UTC 2022 - wbrown@suse.de - Update to version 20220511: * Assigned RUSTSEC-2022-0022 to hyper (#1235) * add hyper advisory (#1232) * Assigned RUSTSEC-2022-0019 to crossbeam-channel, RUSTSEC-2022-0020 to crossbeam, RUSTSEC-2022-0021 to crossbeam-queue (#1233) * add crossbeam advisories for incorrect (unsound) zeroed memory (#1231) * Assigned RUSTSEC-2022-0018 to totp-rs (#1230) * Possible timing attack in totp-rs (#1229) * HOWTO_UNMAINTAINED.md: guide for unmaintained crate advisories (#1192) * Assigned RUSTSEC-2022-0017 to array-macro (#1225) * Add advisory for using impure constants in array-macro (#1224) * Add patch version for fruity (#1223) ------------------------------------------------------------------- Thu Apr 28 02:57:45 UTC 2022 - wbrown@suse.de - Update to version 20220428: * Assigned RUSTSEC-2022-0017 to array-macro (#1225) * Add advisory for using impure constants in array-macro (#1224) * Add patch version for fruity (#1223) * Update RUSTSEC-2020-0071.md (#1222) * RUSTSEC-2022-0012: note that v0.10.0+ is patched (#1220) * Assigned RUSTSEC-2022-0016 to wasmtime (#1218) * Add CVE-2022-24791 for Wasmtime (#1217) * Assigned RUSTSEC-2022-0015 to pty (#1215) * Add unmaintained advisory for pty (#1213) * Assigned RUSTSEC-2022-0014 to openssl-src (#1211) ------------------------------------------------------------------- Wed Apr 20 00:36:52 UTC 2022 - wbrown@suse.de - Update to version 20220420: * Add patch version for fruity (#1223) * Update RUSTSEC-2020-0071.md (#1222) * RUSTSEC-2022-0012: note that v0.10.0+ is patched (#1220) * Assigned RUSTSEC-2022-0016 to wasmtime (#1218) * Add CVE-2022-24791 for Wasmtime (#1217) * Assigned RUSTSEC-2022-0015 to pty (#1215) * Add unmaintained advisory for pty (#1213) * Assigned RUSTSEC-2022-0014 to openssl-src (#1211) * Add CVE-2022-0778 for openssl-src (#1210) * Assigned RUSTSEC-2022-0013 to regex (#1208) ------------------------------------------------------------------- Wed Mar 30 01:47:58 UTC 2022 - William Brown <william.brown@suse.com> - Resolve issue with obs install check on non-tier1 arches ------------------------------------------------------------------- Wed Mar 23 10:54:26 UTC 2022 - wbrown@suse.de - Update to version 20220323: * Assigned RUSTSEC-2022-0015 to pty (#1215) * Add unmaintained advisory for pty (#1213) * Assigned RUSTSEC-2022-0014 to openssl-src (#1211) * Add CVE-2022-0778 for openssl-src (#1210) * Assigned RUSTSEC-2022-0013 to regex (#1208) * add cve-2022-24713 (#1207) * mark RUSTSEC-2021-0019 fixed, add references (#1206) * RUSTSEC-2021-0134: Remove recursive_reference from the list of alternatives (#1200) * Assigned RUSTSEC-2022-0012 to arrow2 (#1205) * Added advisory for `arrow2::ffi::Ffi_ArrowArray` double free (#1204) ------------------------------------------------------------------- Fri Mar 11 03:15:25 UTC 2022 - wbrown@suse.de - Update to version 20220311: * Assigned RUSTSEC-2022-0013 to regex (#1208) * add cve-2022-24713 (#1207) * mark RUSTSEC-2021-0019 fixed, add references (#1206) * RUSTSEC-2021-0134: Remove recursive_reference from the list of alternatives (#1200) * Assigned RUSTSEC-2022-0012 to arrow2 (#1205) * Added advisory for `arrow2::ffi::Ffi_ArrowArray` double free (#1204) * Assigned RUSTSEC-2022-0011 to rust-crypto (#1202) * `rust-crypto`: miscomputation when performing AES encryption (#1201) * Update RUSTSEC-2020-0150.md (#1199) * Assigned RUSTSEC-2022-0010 to enum-map (#1198) ------------------------------------------------------------------- Tue Feb 15 00:57:25 UTC 2022 - wbrown@suse.de - Update to version 20220215: * Suggest maintained alternatives for Rental advisory (#1187) * Update RUSTSEC-2022-0009.md (#1186) * Assigned RUSTSEC-2020-0162 to tokio-proto (#1185) * Mark tokio-proto as deprecated (#1184) * Assigned RUSTSEC-2022-0009 to libp2p-core (#1183) * Add entry for libp2p-core vulnerability (#1182) * Add patched version to DashMap advisory (#1181) * Assigned RUSTSEC-2022-0008 to windows (#1178) * Add advisory for windows (#1177) * Assigned RUSTSEC-2022-0007 to qcell (#1172) ------------------------------------------------------------------- Wed Jan 05 02:13:49 UTC 2022 - wbrown@suse.de - Update to version 20220105: * Assigned RUSTSEC-2021-0134 to rental (#1137) * Report that rental is no longer maintained (#1136) * Assigned RUSTSEC-2020-0160 to shamir (#1135) * Turn the issue about shamir into an advisory (#1134) * Assigned RUSTSEC-2021-0133 to cargo-download (#1133) * Mark cargo-download unmaintained (#1132) * Mark arrow advisories as fixed in https://github.com/apache/arrow-rs/issues/817 (#1131) * Assigned RUSTSEC-2021-0132 to compu-brotli-sys (#1130) * CVE-2020-8927 for compu-brotli-sys (#1129) * Assigned RUSTSEC-2021-0131 to brotli-sys (#1128) ------------------------------------------------------------------- Fri Dec 10 04:08:52 UTC 2021 - wbrown@suse.de - Update to version 20211210: * Assigned RUSTSEC-2021-0128 to rusqlite (#1120) * Report `rusqlite` closure lifetime issue (#1117) * correct formatting for lists in RUSTSEC-2021-0127 (#1116) * Assigned RUSTSEC-2021-0127 to serde_cbor (#1115) * serde_cbor is unmaintained (#1114) * Assigned RUSTSEC-2021-0126 to rust-embed (#1113) * Add advisory for rust-embed path traversal (#1112) * Adds maintained alternative to slice_deque (#1109) * Assigned RUSTSEC-2021-0125 to simple_asn1 (#1108) * Security advisory on simple_asn1 version 0.6.0 (#1103) ------------------------------------------------------------------- Tue Nov 30 02:12:58 UTC 2021 - wbrown@suse.de - Update to version 20211130: * Assigned RUSTSEC-2021-0126 to rust-embed (#1113) * Add advisory for rust-embed path traversal (#1112) * Adds maintained alternative to slice_deque (#1109) * Assigned RUSTSEC-2021-0125 to simple_asn1 (#1108) * Security advisory on simple_asn1 version 0.6.0 (#1103) * Assigned RUSTSEC-2021-0124 to tokio (#1107) * Add advisory for tokio-rs/tokio#4225 (#1106) * Add CVE for RUSTSEC-2021-0123 (#1105) * Assigned RUSTSEC-2021-0123 to fruity (#1104) * Add fruity advisory for nvzqz/fruity#14 (#1102) ------------------------------------------------------------------- Fri Nov 12 00:17:17 UTC 2021 - wbrown@suse.de - Update to version 20211112: * Assigned RUSTSEC-2021-0122 to flatbuffers (#1100) * Add `flatbuffers` advisory for flatbuffers#6627 (#1093) * add cve info to advisories (#1099) * Bump `rustsec-admin` to v0.5.3 (#1091) * Add cvss information from nvd (#1085) * Add missing method to time vulnerability (#1086) * Add CVE alias for RUSTSEC-2021-0069 (#1087) * Assigned RUSTSEC-2021-0121 to crypto2 (#1084) * Unsound implementation of Chacha20 in crypto2 (#1072) * Assigned RUSTSEC-2020-0159 to chrono (#1083) ------------------------------------------------------------------- Wed Nov 03 00:32:55 UTC 2021 - wbrown@suse.de - Update to version 20211103: * Bump `rustsec-admin` to v0.5.3 (#1091) * Add cvss information from nvd (#1085) * Add missing method to time vulnerability (#1086) * Add CVE alias for RUSTSEC-2021-0069 (#1087) * Assigned RUSTSEC-2021-0121 to crypto2 (#1084) * Unsound implementation of Chacha20 in crypto2 (#1072) * Assigned RUSTSEC-2020-0159 to chrono (#1083) * Add `chrono` advisory for chrono#499 (localtime_r) (#1082) * Update vec-const advisory (#1081) * Assigned RUSTSEC-2021-0120 to abomonation (#1080) ------------------------------------------------------------------- Sun Oct 24 23:45:27 UTC 2021 - wbrown@suse.de - Update to version 20211025: * Bump `rustsec-admin` to v0.5.3 (#1091) * Add cvss information from nvd (#1085) * Add missing method to time vulnerability (#1086) * Add CVE alias for RUSTSEC-2021-0069 (#1087) * Assigned RUSTSEC-2021-0121 to crypto2 (#1084) * Unsound implementation of Chacha20 in crypto2 (#1072) * Assigned RUSTSEC-2020-0159 to chrono (#1083) * Add `chrono` advisory for chrono#499 (localtime_r) (#1082) * Update vec-const advisory (#1081) * Assigned RUSTSEC-2021-0120 to abomonation (#1080) ------------------------------------------------------------------- Tue Oct 19 01:15:12 UTC 2021 - wbrown@suse.de - Update to version 20211019: * Assigned RUSTSEC-2021-0121 to crypto2 (#1084) * Unsound implementation of Chacha20 in crypto2 (#1072) * Assigned RUSTSEC-2020-0159 to chrono (#1083) * Add `chrono` advisory for chrono#499 (localtime_r) (#1082) * Update vec-const advisory (#1081) * Assigned RUSTSEC-2021-0120 to abomonation (#1080) * Report abomonation as unsound (#1079) * Update RUSTEC-2020-0071 (#1078) * add missing cve info to advisories (#1077) * Add CVE information to RUSTSEC-2020-0142 (#1076) ------------------------------------------------------------------- Mon Oct 04 21:21:06 UTC 2021 - wbrown@suse.de - Update to version 20211005: * add CVE information to RUSTSEC-2021-0080 (#1068) * Add CVE information (#1067) * Assigned RUSTSEC-2021-0119 to nix (#1066) * nix::unistd::getgrouplist buffer overflow (#1060) * Assigned RUSTSEC-2021-0118 to arrow (#1064) * Yet another arrow advisory (#1059) * Assigned RUSTSEC-2021-0117 to arrow (#1063) * arrow DecimalArray advisory (#1058) * Assigned RUSTSEC-2021-0116 to arrow (#1062) * arrow BinaryArray advisory (#1057) ------------------------------------------------------------------- Mon Aug 02 02:47:18 UTC 2021 - wbrown@suse.de - Update to version 20210802: * Assigned RUSTSEC-2021-0077 to better-macro (#969) * better-macro has deliberate RCE in proc-macro (#966) * Assigned RUSTSEC-2021-0076 to libsecp256k1 (#964) * Add advisory for libsecp256k1 (#963) * Assigned RUSTSEC-2021-0075 to ark-r1cs-std (#962) * `ark_r1cs_std::mul_by_inverse` generated unsound constraints in versions below `0.3.1` (#961) * Revert "Hotfix #957 until we figure out what to do with it (#958)" (#960) * Assigned RUSTSEC-2021-0074 to ammonia (#959) * Add rust-ammonia/ammonia#142 (#956) * Hotfix #957 until we figure out what to do with it (#958) ------------------------------------------------------------------- Wed Jul 21 04:16:56 UTC 2021 - wbrown@suse.de - Update to version 20210721: * Assigned RUSTSEC-2021-0076 to libsecp256k1 (#964) * Add advisory for libsecp256k1 (#963) * Assigned RUSTSEC-2021-0075 to ark-r1cs-std (#962) * `ark_r1cs_std::mul_by_inverse` generated unsound constraints in versions below `0.3.1` (#961) * Revert "Hotfix #957 until we figure out what to do with it (#958)" (#960) * Assigned RUSTSEC-2021-0074 to ammonia (#959) * Add rust-ammonia/ammonia#142 (#956) * Hotfix #957 until we figure out what to do with it (#958) * Assigned RUSTSEC-2021-0073 to prost-types (#955) * prost-types: Timestamp conversion overflow (#954) ------------------------------------------------------------------- Fri Jul 02 01:00:10 UTC 2021 - wbrown@suse.de - Update to version 20210702: * Fix RUSTSEC-2021-0048 which doesn't declare an operand (#945) * Add `withdrawn` field (#942) * Bump `rustsec-admin` to v0.5.0 (#944) * Add patched version for flatbuffers RUSTSEC-2020-0009 (#943) * Update RUSTSEC-2021-0049.md (#941) * Assigned RUSTSEC-2021-0071 to grep-cli (#940) * crates/grep-cli: add advisory for arbitrary binary execution on Windows (#939) * Add GHSA mentions to `aliases` field. This is becoming more important with OSV enabling interop between databases (#937) * Update RUSTSEC-2020-0043.md (#934) * Assigned RUSTSEC-2021-0070 to nalgebra (#932) ------------------------------------------------------------------- Sat Jun 19 06:27:26 UTC 2021 - wbrown@suse.de - Update to version 20210619: * Update RUSTSEC-2021-0049.md (#941) * Assigned RUSTSEC-2021-0071 to grep-cli (#940) * crates/grep-cli: add advisory for arbitrary binary execution on Windows (#939) * Add GHSA mentions to `aliases` field. This is becoming more important with OSV enabling interop between databases (#937) * Update RUSTSEC-2020-0043.md (#934) * Assigned RUSTSEC-2021-0070 to nalgebra (#932) * Add advisory for nalgebra VecStorage/MatrixVec (#931) * Remove range overlaps, fix some range specifications (#930) * Make ranges in trust-dns-proto advisory non-overlapping (#929) * Assigned RUSTSEC-2021-0069 to lettre (#925) ------------------------------------------------------------------- Tue Jun 01 01:28:10 UTC 2021 - wbrown@suse.de - Update to version 20210601: * Assigned RUSTSEC-2021-0069 to lettre (#925) * Add lettre smtp vulnerability (#924) * Assigned RUSTSEC-2021-0068 to iced-x86 (#923) * iced-x86: fix lint (#922) * Add advisory for iced-x86 soundness bug (#914) * Assigned RUSTSEC-2021-0067 to cranelift-codegen (#921) * fixes #915 - remove duplicate word (#916) * Add RUSTSEC notice for CVE-2021-32629, a Cranelift miscompilation bug. (#918) * Bump rustsec-admin to v0.4.3 (#919) * evm-core: fix crate name (#911) ------------------------------------------------------------------- Fri May 07 03:16:33 UTC 2021 - wbrown@suse.de - Update to version 20210507: * Assigned RUSTSEC-2021-0064 to cpuid-bool (#905) * Add unmaintained crate advisory for `cpuid-bool` (#904) * Assigned RUSTSEC-2021-0063 to comrak (#903) * Add advisory for another comrak XSS (#902) * aes* crates: add crate names to advisory titles (#901) * Assigned RUSTSEC-2021-0062 to miscreant (#900) * Add unmaintained crate advisory for `miscreant` (#899) * Assigned RUSTSEC-2021-0061 to aes-ctr (#898) * Add unmaintained crate advisory for `aes-ctr` (#897) * Assigned RUSTSEC-2021-0060 to aes-soft (#896) ------------------------------------------------------------------- Wed Apr 28 00:52:16 UTC 2021 - wbrown@suse.de - Update to version 20210428: * Yank advisories for once-again maintained `dirs`/`directories` crates (#876) * Mark patched tiny-http version for 2020-0031 (#875) * Assigned RUSTSEC-2021-0053 to algorithmica (#874) * Report 0163-algorithmica to RustSec * Add std CVE (#869) * Update CVE numbers (#870) * Update advisory to indicate patched versions of stackvector. * Added patch to "fix" vulnerability. (#866) * Assigned RUSTSEC-2021-0051 to outer_cgi, RUSTSEC-2021-0052 to id-map * Add advisory for double-free issues in id-map ------------------------------------------------------------------- Tue Apr 20 00:45:30 UTC 2021 - wbrown@suse.de - Update to version 20210420: * Yank advisories for once-again maintained `dirs`/`directories` crates (#876) * Mark patched tiny-http version for 2020-0031 (#875) * Assigned RUSTSEC-2021-0053 to algorithmica (#874) * Report 0163-algorithmica to RustSec * Add std CVE (#869) * Update CVE numbers (#870) * Update advisory to indicate patched versions of stackvector. * Added patch to "fix" vulnerability. (#866) * Assigned RUSTSEC-2021-0051 to outer_cgi, RUSTSEC-2021-0052 to id-map * Add advisory for double-free issues in id-map ------------------------------------------------------------------- Wed Mar 31 23:17:44 UTC 2021 - wbrown@suse.de - Update to version 20210401: * Assigned RUSTSEC-2021-0050 to reorder * Add advisory for out-of-bounds write and uninitialized memory exposure in reorder * max7301: Mark RUSTSEC-2020-0152 as patched. (#859) * Assigned RUSTSEC-2020-0152 to max7301 * Add advisory for data race in max7301 * Assigned RUSTSEC-2020-0151 to generator * Add advisory for data race in generator (#855) * Assigned RUSTSEC-2020-0150 to disrustor ------------------------------------------------------------------- Wed Mar 17 00:54:18 UTC 2021 - wbrown@suse.de - Update to version 20210317: * Have master-to-main mirror force push (#822) * Fix `main` -> `master` mirroring (#821) * Rename `master` branch to `main` (#820) * Mirror 'main' branch to 'master' (#819) * README.md: fix "Report Vulnerability" button (#818) * Assigned RUSTSEC-2021-0040 to arenavec * Assigned RUSTSEC-2021-0039 to endian_trait * arenavec: update advisory title to clarify issue * Report 0109-arenavec to RustSec ------------------------------------------------------------------- Tue Mar 02 23:56:22 UTC 2021 - wbrown@suse.de - Update to version 20210223: * Assigned RUSTSEC-2021-0032 to byte_struct * Assigned RUSTSEC-2021-0031 to nano_arena * Add advisory for aliasing violation in nano_arena * Add advisory for uninitialized memory drop in byte_struct * Assigned RUSTSEC-2021-0030 to scratchpad * Add advisory for double-free in scratchpad * Revert "Mark RUSTSEC-2020-0146 as unsound (#788)" * Mark RUSTSEC-2020-0146 as unsound (#788) * Heapless soundness fix since 0.6.1 (#791) * Update RUSTSEC-2020-0146.md with list of patched versions (#789) * Assigned RUSTSEC-2021-0029 to truetype * Report uninitialized memory exposure in truetype * Assigned RUSTSEC-2021-0028 to toodee * Add advisory for memory safety issue in toodee's insert_row * Assigned RUSTSEC-2021-0027 to bam * Add advisory for out-of-bounds write in bam * Assigned RUSTSEC-2020-0146 to generic-array * Add an advisory on lifetime extension in generic-array * Assigned RUSTSEC-2020-0145 to heapless * heapless: fix year: 2020, not 2010 * heapless: use-after-free when cloning partially consumed Iterator * Update CVE numbers (#777) ------------------------------------------------------------------- Tue Feb 23 04:40:05 UTC 2021 - William Brown <william.brown@suse.com> - Initial commit of 20210223
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor