Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @RustSec
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @RustSec
-
RustSec proslijedio/la je Tweet
New version of https://github.com/actions-rs/audit-check/ … is finally out! Compatibility issue with
@RustSec `cargo-audit` was fixed, so it can audit your crates as usual now.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RustSec proslijedio/la je Tweet
cargo tools that may or may not be useful when auditing code: audit, clippy, geiger, outdated others?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2020-0004: lucet-runtime-internals: sigstack allocation bug can cause memory corruption or leak https://rustsec.org/advisories/RUSTSEC-2020-0004.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2020-0003 (informational): rust_sodium is unmaintained; switch to a modern alternative https://rustsec.org/advisories/RUSTSEC-2020-0003.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`cargo audit fix` can now (sometimes) fix your vulnerable dependency requirements automatically!https://twitter.com/bascule/status/1220464647024861186 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2020-0002: prost: Parsing a specially crafted message can result in a stack overflow https://rustsec.org/advisories/RUSTSEC-2020-0002.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2020-0001: trust-dns-server: Stack overflow when resolving additional records from MX or SRV null targets https://rustsec.org/advisories/RUSTSEC-2020-0001.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
The second is the
@RustSecureCode Working Group's Safety Dance project is working to make the ecosystem more secure by actively seeking out unsafety/vulnerabilities in popular Rust crates. Check it out!https://github.com/rust-secure-code/safety-dance …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
At first glance this number going up might seem bad: does this mean the Rust ecosystem is getting less secure with time? The short answer is no. There are two main reasons the number of advisories are going up. The first is simply growth in the number of Rust crates...
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
A look at the number of vulnerabilities filed in the RustSec Advisory Database: 2016-2019pic.twitter.com/uTm4e4ZcMe
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2019-0030: streebog: Incorrect implementation of the Streebog hash functions https://rustsec.org/advisories/RUSTSEC-2019-0030.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RustSec proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
RUSTSEC-2019-0029: chacha20: counter overflow can expose repetitions in the keystream https://rustsec.org/advisories/RUSTSEC-2019-0029.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2019-0028: flatbuffers: Unsound `impl Follow for bool` https://rustsec.org/advisories/RUSTSEC-2019-0028.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2019-0026: sodiumoxide: generichash::Digest::eq always return true https://rustsec.org/advisories/RUSTSEC-2019-0026.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2019-0027: libsecp256k1: Flaw in Scalar::check_overflow allows side-channel timing attack https://rustsec.org/advisories/RUSTSEC-2019-0027.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
RUSTSEC-2019-0025: serde_cbor: Flaw in CBOR deserializer allows stack overflow https://rustsec.org/advisories/RUSTSEC-2019-0025.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
audit-check: GitHub action for auditing
@rustlang projects for security vulnerabilities using cargo-audit, provided by actions-rs /@svartalf Supports scheduled auditing to ensure new vulnerabilities are caught quicklyhttps://github.com/actions-rs/audit-check/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Note: these advisories are just warnings by default and won't fail the build. If you'd like for them to fail the build, run "cargo-audit -D" or "cargo-audit --deny-warnings"
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
We've just published our first "informational advisories": warnings about unmaintained crates or other issues which aren't security vulnerabilities in and of themselves. To see them, you'll need to get the latest release of cargo-audit: v0.9.3pic.twitter.com/f4e0bBFQtT
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.