build: niv advisory-db: update 0283f676 -> f960a503 #1516

dfinity-bot · 2021-03-18T16:02:27Z

Changelog for advisory-db:

Branch: master
Commits: RustSec/[email protected]

2b296940 Add advisory on nb-connect SocketAddr casting
d0689e37 Fixed sized-chunks
18b2916a Assigned RUSTSEC-2021-0021 to nb-connect
8b068177 Add use-after-free advisory for yottadb 1.1.0 and earlier
be43bc8c Assigned RUSTSEC-2021-0022 to yottadb
221ec336 rand_core: incorrect check on buffer length when seeding RNGs (RustSec/advisory-db⁠#764)
7c81bd4f Assigned RUSTSEC-2021-0023 to rand_core (RustSec/advisory-db⁠#771)
c2e8d57f Add unmaintained crate advisory for safe-api
55026f94 Add unmaintained crate advisory for jsonrpc-quic
96b16887 Assigned RUSTSEC-2021-0024 to safe-api, RUSTSEC-2021-0025 to jsonrpc-quic
3aada4c4 Add advisory on comrak XSS
a1aa2136 Assigned RUSTSEC-2021-0026 to comrak
5775f258 Fixed memory corruption. (RustSec/advisory-db⁠#776)
b724f12a Update CVE numbers (RustSec/advisory-db⁠#777)
12033122 heapless: use-after-free when cloning partially consumed Iterator
9283d50a heapless: fix year: 2020, not 2010
7c260c52 Assigned RUSTSEC-2020-0145 to heapless
eda0a223 Add an advisory on lifetime extension in generic-array
c71170c3 Assigned RUSTSEC-2020-0146 to generic-array
fe25ca02 Add advisory for out-of-bounds write in bam
fae90251 Assigned RUSTSEC-2021-0027 to bam
af1b1de4 Add advisory for memory safety issue in toodee's insert_row
f4e465c6 Assigned RUSTSEC-2021-0028 to toodee
b4afb832 Report uninitialized memory exposure in truetype
dafd2019 Assigned RUSTSEC-2021-0029 to truetype
1c7888e4 Update RUSTSEC-2020-0146.md with list of patched versions (RustSec/advisory-db⁠#789)
196ad433 Heapless soundness fix since 0.6.1 (RustSec/advisory-db⁠#791)
14e6efec Mark RUSTSEC-2020-0146 as unsound (RustSec/advisory-db⁠#788)
927b303d Revert "Mark RUSTSEC-2020-0146 as unsound (RustSec/advisory-db⁠#788)"
e59320ad Add advisory for double-free in scratchpad
8887e3da Assigned RUSTSEC-2021-0030 to scratchpad
d9614925 Add advisory for uninitialized memory drop in byte_struct
50db2cc7 Add advisory for aliasing violation in nano_arena
6dc26382 Assigned RUSTSEC-2021-0031 to nano_arena
b8b93bd6 Assigned RUSTSEC-2021-0032 to byte_struct
a0c9d676 Add advisory for double-free in stack_dst
2e968911 Assigned RUSTSEC-2021-0033 to stack_dst
aced392f Add unmaintained advisory for rulinalg crate
25e792c0 Add unmaintained advisory for office crate. Fixes RustSec/advisory-db⁠#742
240080a1 Assigned RUSTSEC-2021-0034 to office
a0ec5819 Add advisory for invalid layout assumptions in quinn (RustSec/advisory-db⁠#804)
e93938cb Assigned RUSTSEC-2021-0035 to quinn (RustSec/advisory-db⁠#805)
0f0dbd06 Assigned RUSTSEC-2020-0147 to rulinalg
ac5a6f92 Report 0162-internment to RustSec
423ca504 Assigned RUSTSEC-2021-0036 to internment
4f30ae8e Report use-after-free issue in diesels sqlite backend
e5c10bcc Update crates/diesel/RUSTSEC-0000-0000.md
c31f016d Update crates/diesel/RUSTSEC-0000-0000.md
dd560c65 Assigned RUSTSEC-2021-0037 to diesel
ae1107e4 Update rustsec-admin version to use new website generator (RustSec/advisory-db⁠#810)
a33c05d2 add fltk advisory
5ce40487 Update RUSTSEC-0000-0000.md
d07de997 Update RUSTSEC-0000-0000.md
35e0ea59 replace with keywords
a84dbc5d formatting
805270dc Assigned RUSTSEC-2021-0038 to fltk
3205a091 Report 0090-endian_trait to RustSec
ef52d55d Report 0109-arenavec to RustSec
c2248b0e arenavec: update advisory title to clarify issue
f2f59e4e Assigned RUSTSEC-2021-0039 to endian_trait
0bc081bb Assigned RUSTSEC-2021-0040 to arenavec
0487b3fc README.md: fix "Report Vulnerability" button (RustSec/advisory-db⁠#818)
ad84df90 Mirror 'main' branch to 'master' (RustSec/advisory-db⁠#819)
2c43b700 Rename master branch to main (RustSec/advisory-db⁠#820)
7b10b2e7 Fix main -> master mirroring (RustSec/advisory-db⁠#821)
f960a503 Have master-to-main mirror force push (RustSec/advisory-db⁠#822)

## Changelog for advisory-db: Branch: master Commits: [rustsec/advisory-db@0283f676...f960a503](rustsec/advisory-db@0283f67...f960a50) * [`2b296940`](rustsec/advisory-db@2b29694) Add advisory on nb-connect SocketAddr casting * [`d0689e37`](rustsec/advisory-db@d0689e3) Fixed sized-chunks * [`18b2916a`](rustsec/advisory-db@18b2916) Assigned RUSTSEC-2021-0021 to nb-connect * [`8b068177`](rustsec/advisory-db@8b06817) Add use-after-free advisory for `yottadb 1.1.0` and earlier * [`be43bc8c`](rustsec/advisory-db@be43bc8) Assigned RUSTSEC-2021-0022 to yottadb * [`221ec336`](rustsec/advisory-db@221ec33) rand_core: incorrect check on buffer length when seeding RNGs ([RustSec/advisory-db⁠#764](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/764)) * [`7c81bd4f`](rustsec/advisory-db@7c81bd4) Assigned RUSTSEC-2021-0023 to rand_core ([RustSec/advisory-db⁠#771](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/771)) * [`c2e8d57f`](rustsec/advisory-db@c2e8d57) Add unmaintained crate advisory for `safe-api` * [`55026f94`](rustsec/advisory-db@55026f9) Add unmaintained crate advisory for `jsonrpc-quic` * [`96b16887`](rustsec/advisory-db@96b1688) Assigned RUSTSEC-2021-0024 to safe-api, RUSTSEC-2021-0025 to jsonrpc-quic * [`3aada4c4`](rustsec/advisory-db@3aada4c) Add advisory on comrak XSS * [`a1aa2136`](rustsec/advisory-db@a1aa213) Assigned RUSTSEC-2021-0026 to comrak * [`5775f258`](rustsec/advisory-db@5775f25) Fixed memory corruption. ([RustSec/advisory-db⁠#776](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/776)) * [`b724f12a`](rustsec/advisory-db@b724f12) Update CVE numbers ([RustSec/advisory-db⁠#777](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/777)) * [`12033122`](rustsec/advisory-db@1203312) heapless: use-after-free when cloning partially consumed Iterator * [`9283d50a`](rustsec/advisory-db@9283d50) heapless: fix year: 2020, not 2010 * [`7c260c52`](rustsec/advisory-db@7c260c5) Assigned RUSTSEC-2020-0145 to heapless * [`eda0a223`](rustsec/advisory-db@eda0a22) Add an advisory on lifetime extension in generic-array * [`c71170c3`](rustsec/advisory-db@c71170c) Assigned RUSTSEC-2020-0146 to generic-array * [`fe25ca02`](rustsec/advisory-db@fe25ca0) Add advisory for out-of-bounds write in bam * [`fae90251`](rustsec/advisory-db@fae9025) Assigned RUSTSEC-2021-0027 to bam * [`af1b1de4`](rustsec/advisory-db@af1b1de) Add advisory for memory safety issue in toodee's insert_row * [`f4e465c6`](rustsec/advisory-db@f4e465c) Assigned RUSTSEC-2021-0028 to toodee * [`b4afb832`](rustsec/advisory-db@b4afb83) Report uninitialized memory exposure in truetype * [`dafd2019`](rustsec/advisory-db@dafd201) Assigned RUSTSEC-2021-0029 to truetype * [`1c7888e4`](rustsec/advisory-db@1c7888e) Update RUSTSEC-2020-0146.md with list of patched versions ([RustSec/advisory-db⁠#789](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/789)) * [`196ad433`](rustsec/advisory-db@196ad43) Heapless soundness fix since 0.6.1 ([RustSec/advisory-db⁠#791](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/791)) * [`14e6efec`](rustsec/advisory-db@14e6efe) Mark RUSTSEC-2020-0146 as unsound ([RustSec/advisory-db⁠#788](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/788)) * [`927b303d`](rustsec/advisory-db@927b303) Revert "Mark RUSTSEC-2020-0146 as unsound ([RustSec/advisory-db⁠#788](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/788))" * [`e59320ad`](rustsec/advisory-db@e59320a) Add advisory for double-free in scratchpad * [`8887e3da`](rustsec/advisory-db@8887e3d) Assigned RUSTSEC-2021-0030 to scratchpad * [`d9614925`](rustsec/advisory-db@d961492) Add advisory for uninitialized memory drop in byte_struct * [`50db2cc7`](rustsec/advisory-db@50db2cc) Add advisory for aliasing violation in nano_arena * [`6dc26382`](rustsec/advisory-db@6dc2638) Assigned RUSTSEC-2021-0031 to nano_arena * [`b8b93bd6`](rustsec/advisory-db@b8b93bd) Assigned RUSTSEC-2021-0032 to byte_struct * [`a0c9d676`](rustsec/advisory-db@a0c9d67) Add advisory for double-free in stack_dst * [`2e968911`](rustsec/advisory-db@2e96891) Assigned RUSTSEC-2021-0033 to stack_dst * [`aced392f`](rustsec/advisory-db@aced392) Add unmaintained advisory for rulinalg crate * [`25e792c0`](rustsec/advisory-db@25e792c) Add unmaintained advisory for office crate. Fixes [RustSec/advisory-db⁠#742](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/742) * [`240080a1`](rustsec/advisory-db@240080a) Assigned RUSTSEC-2021-0034 to office * [`a0ec5819`](rustsec/advisory-db@a0ec581) Add advisory for invalid layout assumptions in quinn ([RustSec/advisory-db⁠#804](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/804)) * [`e93938cb`](rustsec/advisory-db@e93938c) Assigned RUSTSEC-2021-0035 to quinn ([RustSec/advisory-db⁠#805](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/805)) * [`0f0dbd06`](rustsec/advisory-db@0f0dbd0) Assigned RUSTSEC-2020-0147 to rulinalg * [`ac5a6f92`](rustsec/advisory-db@ac5a6f9) Report 0162-internment to RustSec * [`423ca504`](rustsec/advisory-db@423ca50) Assigned RUSTSEC-2021-0036 to internment * [`4f30ae8e`](rustsec/advisory-db@4f30ae8) Report use-after-free issue in diesels sqlite backend * [`e5c10bcc`](rustsec/advisory-db@e5c10bc) Update crates/diesel/RUSTSEC-0000-0000.md * [`c31f016d`](rustsec/advisory-db@c31f016) Update crates/diesel/RUSTSEC-0000-0000.md * [`dd560c65`](rustsec/advisory-db@dd560c6) Assigned RUSTSEC-2021-0037 to diesel * [`ae1107e4`](rustsec/advisory-db@ae1107e) Update rustsec-admin version to use new website generator ([RustSec/advisory-db⁠#810](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/810)) * [`a33c05d2`](rustsec/advisory-db@a33c05d) add fltk advisory * [`5ce40487`](rustsec/advisory-db@5ce4048) Update RUSTSEC-0000-0000.md * [`d07de997`](rustsec/advisory-db@d07de99) Update RUSTSEC-0000-0000.md * [`35e0ea59`](rustsec/advisory-db@35e0ea5) replace with keywords * [`a84dbc5d`](rustsec/advisory-db@a84dbc5) formatting * [`805270dc`](rustsec/advisory-db@805270d) Assigned RUSTSEC-2021-0038 to fltk * [`3205a091`](rustsec/advisory-db@3205a09) Report 0090-endian_trait to RustSec * [`ef52d55d`](rustsec/advisory-db@ef52d55) Report 0109-arenavec to RustSec * [`c2248b0e`](rustsec/advisory-db@c2248b0) arenavec: update advisory title to clarify issue * [`f2f59e4e`](rustsec/advisory-db@f2f59e4) Assigned RUSTSEC-2021-0039 to endian_trait * [`0bc081bb`](rustsec/advisory-db@0bc081b) Assigned RUSTSEC-2021-0040 to arenavec * [`0487b3fc`](rustsec/advisory-db@0487b3f) README.md: fix "Report Vulnerability" button ([RustSec/advisory-db⁠#818](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/818)) * [`ad84df90`](rustsec/advisory-db@ad84df9) Mirror 'main' branch to 'master' ([RustSec/advisory-db⁠#819](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/819)) * [`2c43b700`](rustsec/advisory-db@2c43b70) Rename `master` branch to `main` ([RustSec/advisory-db⁠#820](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/820)) * [`7b10b2e7`](rustsec/advisory-db@7b10b2e) Fix `main` -> `master` mirroring ([RustSec/advisory-db⁠#821](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/821)) * [`f960a503`](rustsec/advisory-db@f960a50) Have master-to-main mirror force push ([RustSec/advisory-db⁠#822](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/822))

mergify

This bot trusts that bot

## Changelog for advisory-db: Branch: main Commits: [rustsec/advisory-db@9e3a6922...0f3a69cc](rustsec/advisory-db@9e3a692...0f3a69c) * [`4b4ba5b4`](rustsec/advisory-db@4b4ba5b) Update to rustsec-admin 0.8.5 ([RustSec/advisory-db⁠#1515](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/1515)) * [`f1e7c486`](rustsec/advisory-db@f1e7c48) Add wasmtime CVE-2022-39393 ([RustSec/advisory-db⁠#1509](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/1509)) * [`ca75eecb`](rustsec/advisory-db@ca75eec) Assigned RUSTSEC-2022-0075 to wasmtime ([RustSec/advisory-db⁠#1516](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/1516)) * [`0d7190c2`](rustsec/advisory-db@0d7190c) Add CVE-2022-39392 ([RustSec/advisory-db⁠#1508](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/1508)) * [`0f3a69cc`](rustsec/advisory-db@0f3a69c) Assigned RUSTSEC-2022-0076 to wasmtime ([RustSec/advisory-db⁠#1517](http://r.duckduckgo.com/l/?uddg=https://github.com/RustSec/advisory-db/issues/1517))

dfinity-bot added the automerge-squash label Mar 18, 2021

mergify bot approved these changes Mar 18, 2021

View reviewed changes

mergify bot merged commit 6694c9b into master Mar 18, 2021

mergify bot deleted the update/advisory-db-0283f676aca9ff9c925a38babb8df594ef20b580 branch March 18, 2021 16:15

mergify bot removed the automerge-squash label Mar 18, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build: niv advisory-db: update 0283f676 -> f960a503 #1516

build: niv advisory-db: update 0283f676 -> f960a503 #1516

Uh oh!

dfinity-bot commented Mar 18, 2021

Uh oh!

mergify bot left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

build: niv advisory-db: update 0283f676 -> f960a503 #1516

build: niv advisory-db: update 0283f676 -> f960a503 #1516

Uh oh!

Conversation

dfinity-bot commented Mar 18, 2021

Changelog for advisory-db:

Uh oh!

mergify bot left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant