Hello community,

here is the log from the commit of package cargo-audit-advisory-db for 
openSUSE:Factory checked in at 2021-04-24 23:09:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cargo-audit-advisory-db (Old)
 and      /work/SRC/openSUSE:Factory/.cargo-audit-advisory-db.new.12324 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "cargo-audit-advisory-db"

Sat Apr 24 23:09:08 2021 rev:3 rq:888116 version:20210420

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/cargo-audit-advisory-db/cargo-audit-advisory-db.changes
  2021-04-06 17:31:34.755245758 +0200
+++ 
/work/SRC/openSUSE:Factory/.cargo-audit-advisory-db.new.12324/cargo-audit-advisory-db.changes
       2021-04-24 23:10:20.479495619 +0200
@@ -1,0 +2,15 @@
+Tue Apr 20 00:45:30 UTC 2021 - wbr...@suse.de
+
+- Update to version 20210420:
+  * Yank advisories for once-again maintained `dirs`/`directories` crates 
(#876)
+  * Mark patched tiny-http version for 2020-0031 (#875)
+  * Assigned RUSTSEC-2021-0053 to algorithmica (#874)
+  * Report 0163-algorithmica to RustSec
+  * Add std CVE (#869)
+  * Update CVE numbers (#870)
+  * Update advisory to indicate patched versions of stackvector.
+  * Added patch to "fix" vulnerability. (#866)
+  * Assigned RUSTSEC-2021-0051 to outer_cgi, RUSTSEC-2021-0052 to id-map
+  * Add advisory for double-free issues in id-map
+
+-------------------------------------------------------------------

Old:
----
  advisory-db-20210401.tar.xz

New:
----
  advisory-db-20210420.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ cargo-audit-advisory-db.spec ++++++
--- /var/tmp/diff_new_pack.G8aomC/_old  2021-04-24 23:10:20.871496172 +0200
+++ /var/tmp/diff_new_pack.G8aomC/_new  2021-04-24 23:10:20.875496178 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           cargo-audit-advisory-db
-Version:        20210401
+Version:        20210420
 Release:        0
 Summary:        A database of known security issues for Rust depedencies
 License:        CC0-1.0
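Review bot: the unchanged context line `Summary:        A database of known security issues for Rust depedencies` carries a typo that ends up in the package metadata shown by `zypper info` and `rpm -qi`; since the spec is being touched for the version bump anyway, correct it to `dependencies` in the same submit request.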

++++++ _service ++++++
--- /var/tmp/diff_new_pack.G8aomC/_old  2021-04-24 23:10:20.899496212 +0200
+++ /var/tmp/diff_new_pack.G8aomC/_new  2021-04-24 23:10:20.899496212 +0200
@@ -2,7 +2,7 @@
   <service mode="disabled" name="obs_scm">
     <param name="url">https://github.com/RustSec/advisory-db.git</param>
     <param name="scm">git</param>
-    <param name="version">20210401</param>
+    <param name="version">20210420</param>
     <param name="revision">master</param>
     <param name="changesgenerate">enable</param>
     <param name="changesauthor">wbr...@suse.de</param>
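Review bot: `<param name="revision">master</param>` stays pinned to a moving branch while only the `version` label is bumped to 20210420, so nothing in _service records which upstream commit the 20210420 tarball was taken from and the checkout cannot be reproduced or compared against the tarball in OBS from this file alone. Record the commit hash in `revision` (or a tag, if upstream publishes them) each time the snapshot is refreshed. With `mode="disabled"` the service only runs when invoked by hand, so this affects provenance, not builds.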

++++++ advisory-db-20210401.tar.xz -> advisory-db-20210420.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/.duplicate-id-guard 
new/advisory-db-20210420/.duplicate-id-guard
--- old/advisory-db-20210401/.duplicate-id-guard        2021-03-31 
13:30:20.000000000 +0200
+++ new/advisory-db-20210420/.duplicate-id-guard        2021-04-19 
18:31:05.000000000 +0200
@@ -1,3 +1,3 @@
 This file causes merge conflicts if two ID assignment jobs run concurrently.
 This prevents duplicate ID assignment due to a race between those jobs.
-edf964eb367af4474a41f79406f539e8399c15cfd917cd4917cb64e0e599aac1  -
+eb74c8b3b8a4e2af330ec03f3788ec9eaf23a4184b1a97ae893ea6ec3cad792d  -
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/adtensor/RUSTSEC-2021-0045.md 
new/advisory-db-20210420/crates/adtensor/RUSTSEC-2021-0045.md
--- old/advisory-db-20210401/crates/adtensor/RUSTSEC-2021-0045.md       
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/adtensor/RUSTSEC-2021-0045.md       
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0045"
 package = "adtensor"
+aliases = ["CVE-2021-29936"]
 date = "2021-01-11"
 url = "https://github.com/charles-r-earp/adtensor/issues/4";
 categories = ["memory-corruption"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/algorithmica/RUSTSEC-2021-0053.md 
new/advisory-db-20210420/crates/algorithmica/RUSTSEC-2021-0053.md
--- old/advisory-db-20210401/crates/algorithmica/RUSTSEC-2021-0053.md   
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20210420/crates/algorithmica/RUSTSEC-2021-0053.md   
2021-04-19 18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-2021-0053"
+package = "algorithmica"
+date = "2021-03-07"
+url = "https://github.com/AbrarNitk/algorithmica/issues/1";
+categories = ["memory-corruption"]
+
+[versions]
+patched = []
+```
+
+# 'merge_sort::merge()' crashes with double-free for `T: Drop`
+
+In the affected versions of this crate, `merge_sort::merge()` wildly 
duplicates and drops ownership of `T` without guarding against double-free. Due 
to such implementation,
+simply invoking `merge_sort::merge()` on `Vec<T: Drop>` can cause **double 
free** bugs.
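Review bot: the title of the new advisory wraps the function in straight single quotes (`'merge_sort::merge()'`) while every other title in this snapshot uses backticks, and the body sentence "wildly duplicates and drops ownership of `T` ... Due to such implementation," is awkward; it could read "duplicates and drops `T` values without guarding against double free, so calling `merge_sort::merge()` on a `Vec<T>` where `T: Drop` can free an element twice". The header also has no `keywords`, unlike the id-map advisory added in this same snapshot (`keywords = ["memory-safety", "double-free"]`), and the empty `patched = []` deserves one sentence in the body saying that no fixed release exists, so a reader does not take the empty list for an omission.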
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/arenavec/RUSTSEC-2021-0040.md 
new/advisory-db-20210420/crates/arenavec/RUSTSEC-2021-0040.md
--- old/advisory-db-20210401/crates/arenavec/RUSTSEC-2021-0040.md       
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/arenavec/RUSTSEC-2021-0040.md       
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0040"
 package = "arenavec"
+aliases = ["CVE-2021-29930", "CVE-2021-29931"]
 date = "2021-01-12"
 url = "https://github.com/ibabushkin/arenavec/issues/1";
 categories = ["memory-corruption"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/directories/RUSTSEC-2020-0054.md 
new/advisory-db-20210420/crates/directories/RUSTSEC-2020-0054.md
--- old/advisory-db-20210401/crates/directories/RUSTSEC-2020-0054.md    
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/directories/RUSTSEC-2020-0054.md    
2021-04-19 18:31:05.000000000 +0200
@@ -5,6 +5,7 @@
 date = "2020-10-16"
 informational = "unmaintained"
 url = "https://github.com/dirs-dev/directories-rs";
+yanked = true
 
 [versions]
 patched = []
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/dirs/RUSTSEC-2020-0053.md 
new/advisory-db-20210420/crates/dirs/RUSTSEC-2020-0053.md
--- old/advisory-db-20210401/crates/dirs/RUSTSEC-2020-0053.md   2021-03-31 
13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/dirs/RUSTSEC-2020-0053.md   2021-04-19 
18:31:05.000000000 +0200
@@ -5,6 +5,7 @@
 date = "2020-10-16"
 informational = "unmaintained"
 url = "https://github.com/dirs-dev/dirs-rs";
+yanked = true
 
 [versions]
 patched = []
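Review bot: this hunk and the matching one for `directories` (RUSTSEC-2020-0054) add `yanked = true` while leaving `informational = "unmaintained"` and `patched = []` untouched, which is the right way to retire an advisory (the IDs stay reserved and consumers can drop it), but nothing in either file says why it was withdrawn. Add a sentence to each body stating that the crate is maintained again, as the changelog entry for this update ("once-again maintained `dirs`/`directories` crates") does, so the files are self-explanatory for anyone reading the database rather than the git log.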
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/endian_trait/RUSTSEC-2021-0039.md 
new/advisory-db-20210420/crates/endian_trait/RUSTSEC-2021-0039.md
--- old/advisory-db-20210401/crates/endian_trait/RUSTSEC-2021-0039.md   
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/endian_trait/RUSTSEC-2021-0039.md   
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0039"
 package = "endian_trait"
+aliases = ["CVE-2021-29929"]
 date = "2021-01-04"
 url = "https://gitlab.com/myrrlyn/endian_trait/-/issues/1";
 categories = ["memory-corruption"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/id-map/RUSTSEC-2021-0052.md 
new/advisory-db-20210420/crates/id-map/RUSTSEC-2021-0052.md
--- old/advisory-db-20210401/crates/id-map/RUSTSEC-2021-0052.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/crates/id-map/RUSTSEC-2021-0052.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,39 @@
+```toml
+[advisory]
+id = "RUSTSEC-2021-0052"
+package = "id-map"
+aliases = [
+    "CVE-2021-30455",
+    "CVE-2021-30456",
+    "CVE-2021-30457",
+]
+date = "2021-02-26"
+url = "https://github.com/andrewhickman/id-map/issues/3";
+categories = ["memory-corruption"]
+keywords = ["memory-safety", "double-free"]
+
+[versions]
+patched = []
+```
+
+# Multiple functions can cause double-frees
+
+The following functions in the crate are affected:
+
+## `IdMap::clone_from`
+
+The `clone_from` implementation for `IdMap` drops the values present in the
+map and then begins cloning values from the other map. If a `.clone()` call
+pancics, then the afformentioned dropped elements can be freed again.
+
+## `get_or_insert`
+
+`get_or_insert` reserves space for a value, before calling the user provided
+insertion function `f`. If the function `f` panics then uninitialized or
+previously freed memory can be dropped.
+
+## `remove_set`
+
+When removing a set of elements, `ptr::drop_in_place` is called on each of the
+element to be removed. If the `Drop` impl of one of these elements panics then
+the previously dropped elements can be dropped again.
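Review bot: spelling errors in the new advisory body will ship verbatim in every cargo-audit report for this crate: `pancics, then the afformentioned dropped elements` should read "panics, then the aforementioned dropped elements", and `called on each of the` / `element to be removed` should be "each of the elements to be removed". The header lists three aliased CVEs and the body describes three affected functions; if they correspond one to one, name the CVE in each `##` heading, since the `aliases` list alone does not say which is which.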
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/insert_many/RUSTSEC-2021-0042.md 
new/advisory-db-20210420/crates/insert_many/RUSTSEC-2021-0042.md
--- old/advisory-db-20210401/crates/insert_many/RUSTSEC-2021-0042.md    
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/insert_many/RUSTSEC-2021-0042.md    
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0042"
 package = "insert_many"
+aliases = ["CVE-2021-29933"]
 date = "2021-01-26"
 url = "https://github.com/rphmeier/insert_many/issues/1";
 categories = ["memory-corruption"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/outer_cgi/RUSTSEC-2021-0051.md 
new/advisory-db-20210420/crates/outer_cgi/RUSTSEC-2021-0051.md
--- old/advisory-db-20210401/crates/outer_cgi/RUSTSEC-2021-0051.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20210420/crates/outer_cgi/RUSTSEC-2021-0051.md      
2021-04-19 18:31:05.000000000 +0200
@@ -0,0 +1,24 @@
+```toml
+[advisory]
+id = "RUSTSEC-2021-0051"
+package = "outer_cgi"
+aliases = ["CVE-2021-30454"]
+date = "2021-01-31"
+url = "https://github.com/SolraBizna/outer_cgi/issues/1";
+categories = ["memory-exposure"]
+
+[versions]
+patched = [">= 0.2.1"]
+```
+
+# KeyValueReader passes uninitialized memory to Read instance
+
+The `KeyValueReader` type in affected versions of this crate set up an
+uninitialized memory buffer and passed them to be read in to a user-provided
+`Read` instance.
+
+The `Read` instance could read uninitialized memory and cause undefined
+behavior and miscompilations.
+
+This issue was fixed in commit 
[dd59b30](https://github.com/SolraBizna/outer_cgi/commit/dd59b3066e616a08e756f72de8dc3ab11b7036c4)
+by zero-initializing the buffers before passing them.
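Review bot: number agreement in the first paragraph: `uninitialized memory buffer and passed them to be read in to a user-provided` mixes a singular "buffer" with "them"; write "set up uninitialized memory buffers and passed them into a user-provided `Read` instance". The `patched = [">= 0.2.1"]` range and the fix commit reference agree, but the body never says that dd59b30 is what shipped as 0.2.1; a clause such as "released in 0.2.1" lets a reader confirm the range without visiting the repository.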
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/parse_duration/RUSTSEC-2021-0041.md 
new/advisory-db-20210420/crates/parse_duration/RUSTSEC-2021-0041.md
--- old/advisory-db-20210401/crates/parse_duration/RUSTSEC-2021-0041.md 
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/parse_duration/RUSTSEC-2021-0041.md 
2021-04-19 18:31:05.000000000 +0200
@@ -1,7 +1,7 @@
 ```toml
 [advisory]
 id = "RUSTSEC-2021-0041"
-aliases = ["CAN-2021-1000007"]
+aliases = ["CAN-2021-1000007", "CVE-2021-29932"]
 package = "parse_duration"
 date = "2021-03-18"
 url = "https://github.com/zeta12ti/parse_duration/issues/21";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/reorder/RUSTSEC-2021-0050.md 
new/advisory-db-20210420/crates/reorder/RUSTSEC-2021-0050.md
--- old/advisory-db-20210401/crates/reorder/RUSTSEC-2021-0050.md        
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/reorder/RUSTSEC-2021-0050.md        
2021-04-19 18:31:05.000000000 +0200
@@ -2,12 +2,13 @@
 [advisory]
 id = "RUSTSEC-2021-0050"
 package = "reorder"
+aliases = ["CVE-2021-29941", "CVE-2021-29942"]
 date = "2021-02-24"
 url = "https://github.com/tiby312/reorder/issues/1";
 keywords = ["memory-corruption", "out-of-bounds"]
 
 [versions]
-patched = []
+patched = [">= 1.1.0"]
 ```
 
 # swap_index can write out of bounds and return uninitialized memory
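Review bot: the unchanged line `keywords = ["memory-corruption", "out-of-bounds"]` in this hunk files `memory-corruption` under `keywords`, whereas every other advisory touched in this snapshot (stackvector, slice-deque, telemetry, and so on) lists it under `categories`. Since the header is being edited for the aliases and the patched range anyway, add `categories = ["memory-corruption"]` so this advisory is classified the same way as its siblings.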
@@ -26,3 +27,11 @@
 and `size_hint()` are primarily meant for optimization and incorrect values
 from their implementations should not lead to memory safety violations.
 
+
+# Patch
+
+A new version crate was pushed that marks this function as unsafe.
+
+reorder = "1.1.0"
+
+Previous versions have also been yanked from crates.io.
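Review bot: `A new version crate was pushed that marks this function as unsafe.` should read "A new version of the crate was pushed", and the bare `reorder = "1.1.0"` line is a Cargo.toml fragment that belongs in a toml fence like the header block. More importantly, the section should say plainly that 1.1.0 does not remove the out-of-bounds write: it marks `swap_index` as `unsafe`, so callers now carry the obligation to pass correct indices, and code that upgrades without auditing its call sites gets the same memory corruption behind an `unsafe` block. One sentence to that effect stops "patched" from being read as "safe to use unchanged".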
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/rocket/RUSTSEC-2021-0044.md 
new/advisory-db-20210420/crates/rocket/RUSTSEC-2021-0044.md
--- old/advisory-db-20210401/crates/rocket/RUSTSEC-2021-0044.md 2021-03-31 
13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/rocket/RUSTSEC-2021-0044.md 2021-04-19 
18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0044"
 package = "rocket"
+aliases = ["CVE-2021-29935"]
 date = "2021-02-09"
 url = "https://github.com/SergioBenitez/Rocket/issues/1534";
 informational = "unsound"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/slice-deque/RUSTSEC-2021-0047.md 
new/advisory-db-20210420/crates/slice-deque/RUSTSEC-2021-0047.md
--- old/advisory-db-20210401/crates/slice-deque/RUSTSEC-2021-0047.md    
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/slice-deque/RUSTSEC-2021-0047.md    
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0047"
 package = "slice-deque"
+aliases = ["CVE-2021-29938"]
 date = "2021-02-19"
 url = "https://github.com/gnzlbg/slice_deque/issues/90";
 categories = ["memory-corruption"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/stackvector/RUSTSEC-2021-0048.md 
new/advisory-db-20210420/crates/stackvector/RUSTSEC-2021-0048.md
--- old/advisory-db-20210401/crates/stackvector/RUSTSEC-2021-0048.md    
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/stackvector/RUSTSEC-2021-0048.md    
2021-04-19 18:31:05.000000000 +0200
@@ -2,12 +2,13 @@
 [advisory]
 id = "RUSTSEC-2021-0048"
 package = "stackvector"
+aliases = ["CVE-2021-29939"]
 date = "2021-02-19"
 url = "https://github.com/Alexhuszagh/rust-stackvector/issues/2";
 categories = ["memory-corruption"]
 
 [versions]
-patched = []
+patched = ["1.0.9"]
 ```
 
 # StackVec::extend can write out of bounds when size_hint is incorrect
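Review bot: `patched = ["1.0.9"]` is a bare version rather than a lower bound. The requirement parser used for these ranges follows Cargo's caret semantics, so this reads as `>= 1.0.9, < 2.0.0` and any future 2.x release would be reported as vulnerable even though it carries the fix. Every other patched entry in this snapshot spells the bound out (`>= 0.2.1`, `>= 1.1.0`), so write `patched = [">= 1.0.9"]` unless the fix really is meant to be confined to the 1.x line.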
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/telemetry/RUSTSEC-2021-0046.md 
new/advisory-db-20210420/crates/telemetry/RUSTSEC-2021-0046.md
--- old/advisory-db-20210401/crates/telemetry/RUSTSEC-2021-0046.md      
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/telemetry/RUSTSEC-2021-0046.md      
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0046"
 package = "telemetry"
+aliases = ["CVE-2021-29937"]
 date = "2021-02-17"
 url = "https://github.com/Yoric/telemetry.rs/issues/45";
 categories = ["memory-corruption"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/through/RUSTSEC-2021-0049.md 
new/advisory-db-20210420/crates/through/RUSTSEC-2021-0049.md
--- old/advisory-db-20210401/crates/through/RUSTSEC-2021-0049.md        
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/through/RUSTSEC-2021-0049.md        
2021-04-19 18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0049"
 package = "through"
+aliases = ["CVE-2021-299340"]
 date = "2021-02-18"
 url = "https://github.com/gretchenfrage/through/issues/1";
 categories = ["memory-corruption"]
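Review bot: `aliases = ["CVE-2021-299340"]` has six digits after the year and does not fit the block assigned to this batch, which runs from CVE-2021-29929 (endian_trait) through CVE-2021-29941/29942 (reorder) with CVE-2021-29939 on stackvector and 29940 otherwise unused in this snapshot; it looks like a mistyped CVE-2021-29940. Check it against the MITRE record before the snapshot ships, since cargo-audit prints aliases verbatim and a wrong number sends readers to the wrong CVE.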
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/tiny_http/RUSTSEC-2020-0031.md 
new/advisory-db-20210420/crates/tiny_http/RUSTSEC-2020-0031.md
--- old/advisory-db-20210401/crates/tiny_http/RUSTSEC-2020-0031.md      
2021-03-31 13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/tiny_http/RUSTSEC-2020-0031.md      
2021-04-19 18:31:05.000000000 +0200
@@ -8,7 +8,7 @@
 url = "https://github.com/tiny-http/tiny-http/issues/173";
 
 [versions]
-patched = [">= 0.8.0"]
+patched = [">= 0.8.0", "^0.6.3"]
 ```
 
 # HTTP Request smuggling through malformed Transfer Encoding headers
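Review bot: `patched = [">= 0.8.0", "^0.6.3"]` mixes a lower bound with a caret requirement; `^0.6.3` covers 0.6.3 up to but excluding 0.7.0, so the 0.7.x series is still reported as vulnerable. If 0.7 never received the backport that is correct and worth stating in the advisory body ("fix backported to 0.6.3; 0.7.x remains affected"); if it did, the range is wrong. Either way the hunk only changes the machine-readable range, and the prose should mention the backported release so the two stay in step.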
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20210401/crates/uu_od/RUSTSEC-2021-0043.md 
new/advisory-db-20210420/crates/uu_od/RUSTSEC-2021-0043.md
--- old/advisory-db-20210401/crates/uu_od/RUSTSEC-2021-0043.md  2021-03-31 
13:30:20.000000000 +0200
+++ new/advisory-db-20210420/crates/uu_od/RUSTSEC-2021-0043.md  2021-04-19 
18:31:05.000000000 +0200
@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0043"
 package = "uu_od"
+aliases = ["CVE-2021-29934"]
 date = "2021-02-17"
 url = "https://github.com/uutils/coreutils/issues/1729";
 categories = ["memory-exposure"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2015-20001.md 
new/advisory-db-20210420/rust/std/CVE-2015-20001.md
--- old/advisory-db-20210401/rust/std/CVE-2015-20001.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2015-20001.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2015-20001"
+package = "std"
+categories = ["memory-corruption"]
+date = "2015-05-27"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20001";
+
+[versions]
+patched = [">= 1.2.0"]
+unaffected = ["< 1.0.0"]
+```
+
+# Panic safety violation in BinaryHeap
+
+In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. 
The binary heap is left in an inconsistent state when the comparison of generic 
elements inside sift_up or sift_down_range panics. This bug leads to a drop of 
zeroed memory as an arbitrary type, which can result in a memory safety 
violation.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2020-36317.md 
new/advisory-db-20210420/rust/std/CVE-2020-36317.md
--- old/advisory-db-20210401/rust/std/CVE-2020-36317.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2020-36317.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2020-36317"
+package = "std"
+categories = ["memory-corruption"]
+date = "2020-10-28"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36317";
+
+[versions]
+patched = [">= 1.49.0"]
+unaffected = ["< 1.26.0"]
+```
+
+# String::retain allows safely creating invalid strings when abusing panic
+
+In the standard library in Rust before 1.49.0, String::retain() function has a 
panic safety problem. It allows creation of a non-UTF-8 Rust string when the 
provided closure panics. This bug could result in a memory safety violation 
when other string APIs assume that UTF-8 encoding is used on the same string.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2020-36318.md 
new/advisory-db-20210420/rust/std/CVE-2020-36318.md
--- old/advisory-db-20210401/rust/std/CVE-2020-36318.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2020-36318.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2020-36318"
+package = "std"
+categories = ["memory-corruption"]
+date = "2020-12-07"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36318";
+
+[versions]
+patched = [">= 1.49.0"]
+unaffected = ["< 1.48.0"]
+```
+
+# VecDeque::make_contiguous may duplicate the contained elements
+
+In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a 
bug that pops the same element more than once under certain condition. This bug 
could result in a use-after-free or double free.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2021-28875.md 
new/advisory-db-20210420/rust/std/CVE-2021-28875.md
--- old/advisory-db-20210401/rust/std/CVE-2021-28875.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2021-28875.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2021-28875"
+package = "std"
+categories = ["memory-corruption"]
+date = "2021-01-10"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28875";
+
+[versions]
+patched = [">= 1.50.0"]
+unaffected = ["< 1.20.0"]
+```
+
+# Logic bug in Read can cause buffer overflow in read_to_end()
+
+In the standard library in Rust before 1.50.0, read_to_end() does not validate 
the return value from Read in an unsafe context. This bug could lead to a 
buffer overflow.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2021-28876.md 
new/advisory-db-20210420/rust/std/CVE-2021-28876.md
--- old/advisory-db-20210401/rust/std/CVE-2021-28876.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2021-28876.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2021-28876"
+package = "std"
+categories = ["memory-corruption"]
+date = "2021-02-04"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28876";
+
+[versions]
+patched = [">= 1.52.0"]
+unaffected = ["< 1.14.0"]
+```
+
+# Panic safety issue in Zip specialization
+
+In the standard library in Rust before 1.52.0, the Zip implementation has a 
panic safety issue. It calls __iterator_get_unchecked() more than once for the 
same index when the underlying iterator panics (in certain conditions). This 
bug could lead to a memory safety violation due to an unmet safety requirement 
for the TrustedRandomAccess trait.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2021-28877.md 
new/advisory-db-20210420/rust/std/CVE-2021-28877.md
--- old/advisory-db-20210401/rust/std/CVE-2021-28877.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2021-28877.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2021-28877"
+package = "std"
+categories = ["memory-corruption"]
+date = "2021-01-03"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28877";
+
+[versions]
+patched = [">= 1.51.0"]
+unaffected = ["< 1.11.0"]
+```
+
+# TrustedRandomAaccess specialization composes incorrectly for nested 
iter::Zips
+
+In the standard library in Rust before 1.51.0, the Zip implementation calls 
__iterator_get_unchecked() for the same index more than once when nested. This 
bug can lead to a memory safety violation due to an unmet safety requirement 
for the TrustedRandomAccess trait.
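Review bot: the title line `# TrustedRandomAaccess specialization composes incorrectly for nested` misspells the trait; the body of this file and the sibling advisories CVE-2021-28876 and CVE-2021-28878 spell it `TrustedRandomAccess`. Titles are what cargo-audit prints for each finding, so fix it before the snapshot ships.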
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2021-28878.md 
new/advisory-db-20210420/rust/std/CVE-2021-28878.md
--- old/advisory-db-20210401/rust/std/CVE-2021-28878.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2021-28878.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2021-28878"
+package = "std"
+categories = ["memory-corruption"]
+date = "2021-02-19"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28878";
+
+[versions]
+patched = [">= 1.52.0"]
+unaffected = ["< 1.14.0"]
+```
+
+# Zip may call __iterator_get_unchecked twice with the same index
+
+In the standard library in Rust before 1.52.0, the Zip implementation calls 
__iterator_get_unchecked() more than once for the same index (under certain 
conditions) when next_back() and next() are used together. This bug could lead 
to a memory safety violation due to an unmet safety requirement for the 
TrustedRandomAccess trait.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20210401/rust/std/CVE-2021-28879.md 
new/advisory-db-20210420/rust/std/CVE-2021-28879.md
--- old/advisory-db-20210401/rust/std/CVE-2021-28879.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20210420/rust/std/CVE-2021-28879.md 2021-04-19 
18:31:05.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "CVE-2021-28879"
+package = "std"
+categories = ["memory-corruption"]
+date = "2021-02-18"
+url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28879";
+
+[versions]
+patched = [">= 1.52.0"]
+unaffected = ["< 1.14.0"]
+```
+
+# Zip can cause buffer overflow when a consumed Zip iterator is used again
+
+In the standard library in Rust before 1.52.0, the Zip implementation can 
report an incorrect size due to an integer overflow. This bug can lead to a 
buffer overflow when a consumed Zip iterator is used again.
