search

mihai-dinculescu / home-automation-config

Config API for https://github.com/mihai-dinculescu/home-automation-thermostat.
1 stars 0 forks source link

RUSTSEC-2020-0049: Use-after-free in Framed due to lack of pinning #3

Open github-actions[bot] opened 4 years ago

github-actions[bot] commented 4 years ago

Use-after-free in Framed due to lack of pinning

Details
Package actix-codec
Version 0.2.0
URL https://github.com/actix/actix-net/issues/91
Date 2020-01-30
Patched versions >= 0.3.0-beta.1

Affected versions of this crate did not require the buffer wrapped in Framed to be pinned, but treated it as if it had a fixed location in memory. This may result in a use-after-free.

The flaw was corrected by making the affected functions accept Pin<&mut Self> instead of &mut self.

See advisory page for additional details.