RustSec

@RustSec

Security advisory database for Rust crates published through

Vrijeme pridruživanja: siječanj 2017.

Tweetovi

Blokirali ste korisnika/cu @RustSec

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @RustSec

  1. proslijedio/la je Tweet
    1. velj

    New version of is finally out! Compatibility issue with `cargo-audit` was fixed, so it can audit your crates as usual now.

    Poništi
  2. proslijedio/la je Tweet
    29. sij

    cargo tools that may or may not be useful when auditing code: audit, clippy, geiger, outdated others?

    Poništi
  3. 27. sij

    RUSTSEC-2020-0004: lucet-runtime-internals: sigstack allocation bug can cause memory corruption or leak

    Poništi
  4. 27. sij

    RUSTSEC-2020-0003 (informational): rust_sodium is unmaintained; switch to a modern alternative

    Poništi
  5. 23. sij

    `cargo audit fix` can now (sometimes) fix your vulnerable dependency requirements automatically!

    Poništi
  6. 16. sij

    RUSTSEC-2020-0002: prost: Parsing a specially crafted message can result in a stack overflow

    Poništi
  7. 7. sij

    RUSTSEC-2020-0001: trust-dns-server: Stack overflow when resolving additional records from MX or SRV null targets

    Poništi
  8. 3. sij

    The second is the Working Group's Safety Dance project is working to make the ecosystem more secure by actively seeking out unsafety/vulnerabilities in popular Rust crates. Check it out!

    Prikaži ovu nit
    Poništi
  9. 3. sij

    At first glance this number going up might seem bad: does this mean the Rust ecosystem is getting less secure with time? The short answer is no. There are two main reasons the number of advisories are going up. The first is simply growth in the number of Rust crates...

    Prikaži ovu nit
    Poništi
  10. 3. sij

    A look at the number of vulnerabilities filed in the RustSec Advisory Database: 2016-2019

    Prikaži ovu nit
    Poništi
  11. 7. stu 2019.

    RUSTSEC-2019-0030: streebog: Incorrect implementation of the Streebog hash functions

    Poništi
  12. proslijedio/la je Tweet
    23. lis 2019.

    . I wanted to contribute adding cargo-audit to the Travis CI build environment but I'm not sure where to get started. Where does the code live for creating the build environment?

    Prikaži ovu nit
    Poništi
  13. 23. lis 2019.

    RUSTSEC-2019-0029: chacha20: counter overflow can expose repetitions in the keystream

    Poništi
  14. 23. lis 2019.

    RUSTSEC-2019-0028: flatbuffers: Unsound `impl Follow for bool`

    Poništi
  15. 15. lis 2019.

    RUSTSEC-2019-0026: sodiumoxide: generichash::Digest::eq always return true

    Poništi
  16. 14. lis 2019.

    RUSTSEC-2019-0027: libsecp256k1: Flaw in Scalar::check_overflow allows side-channel timing attack

    Poništi
  17. 11. lis 2019.

    RUSTSEC-2019-0025: serde_cbor: Flaw in CBOR deserializer allows stack overflow

    Poništi
  18. 9. lis 2019.

    audit-check: GitHub action for auditing projects for security vulnerabilities using cargo-audit, provided by actions-rs / Supports scheduled auditing to ensure new vulnerabilities are caught quickly

    Poništi
  19. 8. lis 2019.

    Note: these advisories are just warnings by default and won't fail the build. If you'd like for them to fail the build, run "cargo-audit -D" or "cargo-audit --deny-warnings"

    Prikaži ovu nit
    Poništi
  20. 8. lis 2019.

    We've just published our first "informational advisories": warnings about unmaintained crates or other issues which aren't security vulnerabilities in and of themselves. To see them, you'll need to get the latest release of cargo-audit: v0.9.3

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·