rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add missing method to time vulnerability (#1086)

Browse Source
This commit is contained in:
Jacob Pratt
2021-10-19 18:13:58 -04:00
committed by GitHub
parent 0c762d06a8
commit d8701fad2d
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crates/time/RUSTSEC-2020-0071.md
View File

@@ -26,6 +26,7 @@ os = [
[affected.functions]
"time::at" = ["^0.1"]
"time::at_utc" = ["^0.1"]
"time::now" = ["^0.1"]
"time::UtcOffset::local_offset_at" = ["< 0.2.23"]
"time::UtcOffset::try_local_offset_at" = ["< 0.2.23"]
"time::UtcOffset::current_local_offset" = ["< 0.2.23"]
@@ -57,6 +58,7 @@ The affected functions in time 0.1 (all versions) are:
- `at`
- `at_utc`
- `now`
Non-Unix targets (including Windows and wasm) are unaffected.
@@ -66,7 +68,7 @@ Pending a proper fix, the internal method that determines the local offset has b
Users and library authors with time in their dependency tree should perform `cargo update`, which will pull in the updated, unaffected code.
Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3. series.
Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3 series.
### Workarounds