rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,004 Commits 21 Branches 0 Tags
update-ids
Commit Graph

16 Commits

Author SHA1 Message Date
Sergey "Shnatsel" Davidoff
b0dce59b2a Fix version specification in CVE-2022-21658 (#1161) 2022-01-21 16:27:28 +01:00
Jesse Szwedko
d4c65da07d Correct year for CVE-2022-21658 (#1157) 
I accidentally put 2021.

Signed-off-by: Jesse Szwedko <jesse@szwedko.me>
 2022-01-20 22:12:36 -05:00
Jesse Szwedko
aad861dd0f Add advisory for CVE-2022-21658 (#1155) 
Closes: https://github.com/rustsec/advisory-db/issues/1154

Signed-off-by: Jesse Szwedko <jesse@szwedko.me>
 2022-01-21 02:54:24 +01:00
Alexis Mousset
e9382c8680 Fix typos in advisories (#976) 2021-08-21 19:18:11 -06:00
ZSchoen
541c537a23 added specific affected functions to CVE-2021-29922 (#975) 
Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2021-08-09 05:15:56 -07:00
ZSchoen
a81783c627 added CVE-2021-29922 (#971) 2021-08-08 12:35:13 -07:00
Yechan Bae
afbc0dc9e1 Update five std CVEs (#946) 2021-07-06 12:36:13 -06:00
Yechan Bae
22b59ea8a3 Add std CVE (#869) 2021-04-13 14:22:28 -07:00
Tony Arcieri
ac125ee29a Translate database into V3 advisory format (#420) 
As proposed in #240 and tracked in #414, this PR translates all
advisories into the new "V3" advisory format, which is based on Markdown
with leading TOML front matter.

This format makes it easier to see rendered Markdown syntax
descriptions, whether rendered by an IDE or GitHub. This should help
with both crafting advisories initially as well as review, and ideally
encourages more lengthy descriptions.

Support for this format shipped in `cargo-audit` v0.12.0 on
May 6th, 2020.
 2020-10-01 18:29:11 -07:00
Tony Arcieri
f0ee46e990 Migrate rust/ advisories to V2 format 
The migration in #236 only handled the `crates/` advisories, not the
ones in `rust/`.

This commit completes the migration.
 2020-03-01 12:10:57 -08:00
Vinzent Steinberg
64cec608d3 Fix typo 2019-10-07 15:08:59 +02:00
Tony Arcieri
e82ba1fe35 CVE-2018-1000810: fix typo 2019-10-02 12:19:53 -07:00
Tony Arcieri
daf03936dd CVE-2019-16760: update advisory title 
Matches the advisory title used for:

https://github.com/rust-lang/rust/security/advisories/GHSA-phjm-8x66-qw4r

Also adds `GHSA-phjm-8x66-qw4r` as an alias
 2019-10-02 12:10:00 -07:00
Tony Arcieri
84423b8605 Add CVE-2019-16760: Security advisory for Cargo (2019-09-30) 
Original announcement: https://groups.google.com/forum/#!topic/rustlang-security-announcements/rVQ5e3TDnpQ
 2019-09-30 09:24:50 -07:00
Tony Arcieri
01ac6725d5 Fix all advisories to pass linter 
Mostly related to the `affected_functions` field, which has changed a
few times.
 2019-09-09 12:19:01 -07:00
Tony Arcieri
58db1ee63a File standard libary/core vulns (closes RustSec/cargo-audit#46) 
Files vulnerabilities in the standard library originally reported at:

https://groups.google.com/forum/#!forum/rustlang-security-announcements

Or otherwise collected at:

https://github.com/RustSec/cargo-audit/issues/46

The `rustsec` crate doesn't presently consume these, but I'd like to add
support ASAP.
 2019-09-02 09:54:05 -07:00