commit cargo-audit-advisory-db for openSUSE:Factory

Source-Sync Tue, 21 Oct 2025 02:35:31 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package cargo-audit-advisory-db for 
openSUSE:Factory checked in at 2025-10-21 11:17:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cargo-audit-advisory-db (Old)
 and      /work/SRC/openSUSE:Factory/.cargo-audit-advisory-db.new.18484 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "cargo-audit-advisory-db"

Tue Oct 21 11:17:03 2025 rev:49 rq:1312672 version:20251021

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/cargo-audit-advisory-db/cargo-audit-advisory-db.changes
  2025-09-14 18:51:33.121557572 +0200
+++ 
/work/SRC/openSUSE:Factory/.cargo-audit-advisory-db.new.18484/cargo-audit-advisory-db.changes
       2025-10-21 11:19:42.055067136 +0200
@@ -1,0 +2,15 @@
+Tue Oct 21 02:38:22 UTC 2025 - [email protected]
+
+- Update to version 20251021:
+  *  Mark all rust-unic crates as unmaintained  (#2424)
+  * fix: RUSTSEC-2025-0073 (`alloy-dyn-abi`), update to description and credit 
(#2423)
+  * Assigned RUSTSEC-2025-0073 to alloy-dyn-abi
+  * Add CVE-2025-62370 `alloy-dyn-abi` (#2421)
+  * Assigned RUSTSEC-2025-0072 to wrflib
+  * add wrflib
+  * add io-safety keyword to RUSTSEC-2025-0051
+  * Assigned RUSTSEC-2025-0071 to ammonia
+  * ammonia v4.1.2
+  * Assigned RUSTSEC-2025-0070 to pingora-core
+
+-------------------------------------------------------------------

Old:
----
  advisory-db-20250913.tar.xz

New:
----
  advisory-db-20251021.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ cargo-audit-advisory-db.spec ++++++
--- /var/tmp/diff_new_pack.IJJAWU/_old  2025-10-21 11:19:42.947104643 +0200
+++ /var/tmp/diff_new_pack.IJJAWU/_new  2025-10-21 11:19:42.947104643 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           cargo-audit-advisory-db
-Version:        20250913
+Version:        20251021
 Release:        0
 Summary:        A database of known security issues for Rust depedencies
 License:        CC0-1.0

++++++ _service ++++++
--- /var/tmp/diff_new_pack.IJJAWU/_old  2025-10-21 11:19:42.999106830 +0200
+++ /var/tmp/diff_new_pack.IJJAWU/_new  2025-10-21 11:19:43.003106998 +0200
@@ -2,7 +2,7 @@
   <service mode="disabled" name="obs_scm">
     <param name="url">https://github.com/RustSec/advisory-db.git</param>
     <param name="scm">git</param>
-    <param name="version">20250913</param>
+    <param name="version">20251021</param>
     <param name="revision">main</param>
     <param name="changesgenerate">enable</param>
     <param name="changesauthor">[email protected]</param>

++++++ advisory-db-20250913.tar.xz -> advisory-db-20251021.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20250913/.duplicate-id-guard 
new/advisory-db-20251021/.duplicate-id-guard
--- old/advisory-db-20250913/.duplicate-id-guard        2025-09-12 
09:28:19.000000000 +0200
+++ new/advisory-db-20251021/.duplicate-id-guard        2025-10-20 
22:14:34.000000000 +0200
@@ -1,3 +1,3 @@
 This file causes merge conflicts if two ID assignment jobs run concurrently.
 This prevents duplicate ID assignment due to a race between those jobs.
-fd71645898ff1b3e7401e0494a2354ef385e30359645c7be09759ad9c8bdf55a  -
+5c4f58c8085a257432543ede3dbc63c4cf8dcf752f582f9f3438545aa9e4447c  -
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/alloy-dyn-abi/RUSTSEC-2025-0073.md 
new/advisory-db-20251021/crates/alloy-dyn-abi/RUSTSEC-2025-0073.md
--- old/advisory-db-20250913/crates/alloy-dyn-abi/RUSTSEC-2025-0073.md  
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/alloy-dyn-abi/RUSTSEC-2025-0073.md  
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,29 @@
+```toml
+[advisory]
+id = "RUSTSEC-2025-0073"
+package = "alloy-dyn-abi"
+date = "2025-10-15"
+url = 
"https://github.com/alloy-rs/core/security/advisories/GHSA-pgp9-98jm-wwq2";
+categories = ["denial-of-service"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+keywords = ["uncaught-panic"]
+aliases = ["CVE-2025-62370", "GHSA-pgp9-98jm-wwq2"]
+
+[affected.functions]
+"alloy_dyn_abi::eip712::Resolver::encode_type" = ["<0.8.26", ">=1.0.0, <1.4.1"]
+
+[versions]
+patched = [">=0.8.26, <1.0.0", ">=1.4.1"]
+```
+
+# DoS vulnerability on `alloy_dyn_abi::TypedData` hashing
+
+An uncaught panic triggered by malformed input to `alloy_dyn_abi::TypedData` 
could lead to a denial-of-service (DoS) via `eip712_signing_hash()`.
+
+Software with high availability requirements such as network services may be 
particularly impacted. If in use, external auto-restarting mechanisms can 
partially mitigate the availability issues unless repeated attacks are possible.
+
+The vulnerability was patched by adding a check to ensure the element is not 
empty before accessing its first element; an error is returned if it is empty. 
The fix is included in version 
[v1.4.1](https://crates.io/crates/alloy-dyn-abi/1.4.1) and backported to 
[v0.8.26](https://crates.io/crates/alloy-dyn-abi/0.8.26).
+
+There is no known workaround that mitigates the vulnerability. Upgrading to a 
patched version is the recommended course of action.
+
+Reported by [Christian Reitter](https://github.com/cr-tk) & [Zeke 
Mostov](https://github.com/emostov) from [Turnkey](https://www.turnkey.com/).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/ammonia/RUSTSEC-2025-0071.md 
new/advisory-db-20251021/crates/ammonia/RUSTSEC-2025-0071.md
--- old/advisory-db-20250913/crates/ammonia/RUSTSEC-2025-0071.md        
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/ammonia/RUSTSEC-2025-0071.md        
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,39 @@
+```toml
+[advisory]
+id = "RUSTSEC-2025-0071"
+package = "ammonia"
+date = "2025-09-21"
+categories = ["format-injection"]
+keywords = ["html", "xss"]
+
+[versions]
+patched = [">= 4.1.2", ">= 4.0.1, < 4.1.0", ">= 3.3.1, < 4.0.0"]
+```
+
+# Incorrect handling of embedded SVG and MathML leads to mutation XSS after 
removal
+
+Affected versions of this crate did not correctly strip namespace-incompatible 
tags
+in certain situations, causing it to incorrectly account for differences 
between HTML,
+SVG, and MathML.
+
+This vulnerability only has an effect when the `svg` or `math` tag is allowed,
+because it relies on a tag being parsed as html during the cleaning process, 
but
+serialized in a way that causes in to be parsed as xml by the browser.
+
+Additionally, the application using this library must allow a tag that is 
parsed as raw text in HTML.
+These [elements] are:
+
+* title
+* textarea
+* xmp
+* iframe
+* noembed
+* noframes
+* plaintext
+* noscript
+* style
+* script
+
+Applications that do not explicitly allow any of these tags should not be 
affected, since none are allowed by default.
+
+[elements]: 
https://github.com/servo/html5ever/blob/57eb334c0ffccc6f88d563419f0fbeef6ff5741c/html5ever/src/tree_builder/rules.rs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/daemonize/RUSTSEC-2025-0069.md 
new/advisory-db-20251021/crates/daemonize/RUSTSEC-2025-0069.md
--- old/advisory-db-20250913/crates/daemonize/RUSTSEC-2025-0069.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/daemonize/RUSTSEC-2025-0069.md      
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-2025-0069"
+package = "daemonize"
+date = "2025-09-14"
+url = "https://github.com/rustsec/advisory-db/issues/2279";
+informational = "unmaintained"
+
+[versions]
+patched = []
+```
+
+# `daemonize` is Unmaintained
+
+There hasn't been any activity happening for this crate since June 3, 2023. No 
interactions on pull requests. Issues are disabled for the repo.
+
+Oldest PR sitting around without any interaction from the maintainer: 
[knsd/daemonize#50](https://github.com/knsd/daemonize/pull/50)
+
+On February 14, 2024, a [PR](https://github.com/knsd/daemonize/pull/57) was 
made to correct some UB.
+
+Efforts to contact the crate owner via email have been unsuccessful.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/fuser/RUSTSEC-2021-0154.md 
new/advisory-db-20251021/crates/fuser/RUSTSEC-2021-0154.md
--- old/advisory-db-20250913/crates/fuser/RUSTSEC-2021-0154.md  2025-09-12 
09:28:19.000000000 +0200
+++ new/advisory-db-20251021/crates/fuser/RUSTSEC-2021-0154.md  2025-10-20 
22:14:34.000000000 +0200
@@ -14,7 +14,7 @@
 "fuser::Session::new" = [">= 0.5.0"]
 
 [versions]
-patched = [">= 1.2.0"]
+patched = [">= 0.16.0"]
 ```
 
 # Uninitalized memory read & leak caused by fuser crate
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/martin-mbtiles/RUSTSEC-2023-0094.md 
new/advisory-db-20251021/crates/martin-mbtiles/RUSTSEC-2023-0094.md
--- old/advisory-db-20250913/crates/martin-mbtiles/RUSTSEC-2023-0094.md 
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/martin-mbtiles/RUSTSEC-2023-0094.md 
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-2023-0094"
+package = "martin-mbtiles"
+date = "2023-10-30"
+informational = "unmaintained"
+url = 
"https://github.com/maplibre/martin/commit/8a8814e7cc97d44f4d194586b3e9deb904c99488";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `martin-mbtiles` has been renamed to `mbtiles`
+
+Please use the `mbtiles` crate going forward.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/pingora-core/RUSTSEC-2025-0070.md 
new/advisory-db-20251021/crates/pingora-core/RUSTSEC-2025-0070.md
--- old/advisory-db-20250913/crates/pingora-core/RUSTSEC-2025-0070.md   
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/pingora-core/RUSTSEC-2025-0070.md   
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,23 @@
+```toml
+[advisory]
+id = "RUSTSEC-2025-0070"
+package = "pingora-core"
+date = "2025-09-17"
+url = 
"https://github.com/cloudflare/pingora/security/advisories/GHSA-393w-9x6h-8gc7";
+references = ["https://nvd.nist.gov/vuln/detail/CVE-2025-8671";, 
"https://blog.cloudflare.com/madeyoureset-an-http-2-vulnerability-thwarted-by-rapid-reset-mitigations/";]
+categories = ["denial-of-service"]
+keywords = ["http", "http2", "h2"]
+aliases = ["CVE-2025-8671"]
+# cvss = "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
+
+[versions]
+patched = [">= 0.6.0"]
+```
+
+# Pingora MadeYouReset HTTP/2 vulnerability
+
+Pingora deployments using versions prior to 0.6.0 that include HTTP/2 server 
support may be affected by the vulnerability described in CVE-2025-8671. Under 
certain conditions, Pingora applications may allocate buffers before the HTTP/2 
reset and resulting stream cancellation is processed by the server. Repeated 
resets can force excessive memory consumption and lead to denial-of-service.
+
+On affected versions, malicious clients could trigger unusually high memory 
consumption, which may result in service instability or process termination.
+
+This issue is addressed by ensuring Pingora uses patched versions of HTTP/2 
dependencies that include reset-handling safeguards to release connection 
resources before excessive memory buildup. Users are requested to upgrade to 
versions >= 0.6.0, which incorporates the required fixes.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic/RUSTSEC-0000-0000.md   1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic/RUSTSEC-0000-0000.md   2025-10-20 
22:14:34.000000000 +0200
@@ -0,0 +1,22 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu`](https://crates.io/crates/icu)
+- [`idna`](https://crates.io/crates/idna)
+- [`unicode-bidi`](https://crates.io/crates/unicode-bidi)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-bidi/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-bidi/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-bidi/RUSTSEC-0000-0000.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-bidi/RUSTSEC-0000-0000.md      
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-bidi"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-bidi` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`unicode-bidi`](https://crates.io/crates/unicode-bidi)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-char/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-char/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-char/RUSTSEC-0000-0000.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-char/RUSTSEC-0000-0000.md      
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-char"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-char` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-char-basics/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-char-basics/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-char-basics/RUSTSEC-0000-0000.md       
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-char-basics/RUSTSEC-0000-0000.md       
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-char-basics"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-char-basics` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-char-property/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-char-property/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-char-property/RUSTSEC-0000-0000.md     
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-char-property/RUSTSEC-0000-0000.md     
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-char-property"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-char-property` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-char-range/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-char-range/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-char-range/RUSTSEC-0000-0000.md        
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-char-range/RUSTSEC-0000-0000.md        
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-char-range"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-char-range` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-cli/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-cli/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-cli/RUSTSEC-0000-0000.md       
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-cli/RUSTSEC-0000-0000.md       
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-cli"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-cli` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-common/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-common/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-common/RUSTSEC-0000-0000.md    
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-common/RUSTSEC-0000-0000.md    
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-common"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-common` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-emoji/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-emoji/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-emoji/RUSTSEC-0000-0000.md     
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-emoji/RUSTSEC-0000-0000.md     
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-emoji"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-emoji` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-emoji-char/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-emoji-char/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-emoji-char/RUSTSEC-0000-0000.md        
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-emoji-char/RUSTSEC-0000-0000.md        
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-emoji-char"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-emoji-char` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-idna/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-idna/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-idna/RUSTSEC-0000-0000.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-idna/RUSTSEC-0000-0000.md      
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-idna"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-idna` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`idna`](https://crates.io/crates/idna)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-idna-mapping/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-idna-mapping/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-idna-mapping/RUSTSEC-0000-0000.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-idna-mapping/RUSTSEC-0000-0000.md      
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-idna-mapping"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-idna-mapping` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`idna`](https://crates.io/crates/idna)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-idna-punycode/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-idna-punycode/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-idna-punycode/RUSTSEC-0000-0000.md     
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-idna-punycode/RUSTSEC-0000-0000.md     
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-idna-punycode"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-idna-punycode` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`idna`](https://crates.io/crates/idna)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-normal/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-normal/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-normal/RUSTSEC-0000-0000.md    
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-normal/RUSTSEC-0000-0000.md    
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-normal"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-normal` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_normalizer`](https://crates.io/crates/icu_normalizer)
+- [`unicode-normalization`](https://crates.io/crates/unicode-normalization)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-segment/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-segment/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-segment/RUSTSEC-0000-0000.md   
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-segment/RUSTSEC-0000-0000.md   
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-segment"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-segment` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_segmenter`](https://crates.io/crates/icu_segmenter)
+- [`unicode-segmentation`](https://crates.io/crates/unicode-segmentation)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd/RUSTSEC-0000-0000.md       
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd/RUSTSEC-0000-0000.md       
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-age/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-age/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-age/RUSTSEC-0000-0000.md   
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-age/RUSTSEC-0000-0000.md   
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-age"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-age` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-bidi/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-bidi/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-bidi/RUSTSEC-0000-0000.md  
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-bidi/RUSTSEC-0000-0000.md  
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-bidi"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-bidi` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-block/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-block/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-block/RUSTSEC-0000-0000.md 
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-block/RUSTSEC-0000-0000.md 
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-block"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-block` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-case/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-case/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-case/RUSTSEC-0000-0000.md  
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-case/RUSTSEC-0000-0000.md  
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-case"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-case` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-category/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-category/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-category/RUSTSEC-0000-0000.md      
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-category/RUSTSEC-0000-0000.md      
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-category"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-category` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-common/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-common/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-common/RUSTSEC-0000-0000.md        
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-common/RUSTSEC-0000-0000.md        
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-common"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-common` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-core/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-core/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-core/RUSTSEC-0000-0000.md  
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-core/RUSTSEC-0000-0000.md  
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-core"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-core` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-hangul/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-hangul/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-hangul/RUSTSEC-0000-0000.md        
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-hangul/RUSTSEC-0000-0000.md        
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-hangul"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-hangul` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_normalizer`](https://crates.io/crates/icu_normalizer)
+- [`unicode-normalization`](https://crates.io/crates/unicode-normalization)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-ident/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-ident/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-ident/RUSTSEC-0000-0000.md 
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-ident/RUSTSEC-0000-0000.md 
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,21 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-ident"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-ident` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
+- [`unicode-ident`](https://crates.io/crates/unicode-ident)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-name/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-name/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-name/RUSTSEC-0000-0000.md  
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-name/RUSTSEC-0000-0000.md  
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-name"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-name` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-name_aliases/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-name_aliases/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-name_aliases/RUSTSEC-0000-0000.md  
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-name_aliases/RUSTSEC-0000-0000.md  
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-name_aliases"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-name_aliases` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-normal/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-normal/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-normal/RUSTSEC-0000-0000.md        
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-normal/RUSTSEC-0000-0000.md        
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-normal"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-normal` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_normalizer`](https://crates.io/crates/icu_normalizer)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-segment/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-segment/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-segment/RUSTSEC-0000-0000.md       
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-segment/RUSTSEC-0000-0000.md       
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-segment"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-segment` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
+
+## Recommended alternatives
+
+- [`icu_properties`](https://crates.io/crates/icu_properties)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-ucd-version/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-ucd-version/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-ucd-version/RUSTSEC-0000-0000.md       
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-ucd-version/RUSTSEC-0000-0000.md       
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-ucd-version"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-ucd-version` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/unic-utils/RUSTSEC-0000-0000.md 
new/advisory-db-20251021/crates/unic-utils/RUSTSEC-0000-0000.md
--- old/advisory-db-20250913/crates/unic-utils/RUSTSEC-0000-0000.md     
1970-01-01 01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/unic-utils/RUSTSEC-0000-0000.md     
2025-10-20 22:14:34.000000000 +0200
@@ -0,0 +1,16 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "unic-utils"
+date = "2025-10-18"
+informational = "unmaintained"
+url = "https://github.com/rustsec/advisory-db/issues/2414";
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# `unic-utils` is unmaintained
+
+All Unicode crates that are part of https://github.com/open-i18n/rust-unic are 
unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/advisory-db-20250913/crates/wrflib/RUSTSEC-2025-0072.md 
new/advisory-db-20251021/crates/wrflib/RUSTSEC-2025-0072.md
--- old/advisory-db-20250913/crates/wrflib/RUSTSEC-2025-0072.md 1970-01-01 
01:00:00.000000000 +0100
+++ new/advisory-db-20251021/crates/wrflib/RUSTSEC-2025-0072.md 2025-10-20 
22:14:34.000000000 +0200
@@ -0,0 +1,40 @@
+```toml
+[advisory]
+id = "RUSTSEC-2025-0072"
+package = "wrflib"
+date = "2025-10-02"
+informational = "unsound"
+url = "https://github.com/cruise-automation/webviz-rust-framework";
+categories = ["memory-corruption"]
+
+[affected.functions]
+"wrflib::byte_extract::get_f32_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_f32_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_f64_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_f64_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i8_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i8_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i16_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i16_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i32_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i32_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i64_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_i64_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u8_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u8_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u16_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u16_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u32_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u32_le_as_f32" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u64_le" = ["<= 0.0.3"]
+"wrflib::byte_extract::get_u64_le_as_f32" = ["<= 0.0.3"]
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# soundness issue and unmaintained
+All functions under `wrflib::byte_extract` are simply wrapper of unsafe 
pointer offset and lacks sufficient checks to it pointer and offset parameter.
+
+`wrflib` is unmaintained.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/advisory-db-20250913/crates/xcb/RUSTSEC-2025-0051.md 
new/advisory-db-20251021/crates/xcb/RUSTSEC-2025-0051.md
--- old/advisory-db-20250913/crates/xcb/RUSTSEC-2025-0051.md    2025-09-12 
09:28:19.000000000 +0200
+++ new/advisory-db-20251021/crates/xcb/RUSTSEC-2025-0051.md    2025-10-20 
22:14:34.000000000 +0200
@@ -9,6 +9,7 @@
   "https://github.com/rust-x-bindings/rust-xcb/pull/283";
 ]
 informational = "unsound"
+keywords = [ "io-safety" ]
 
 [versions]
 patched = [">= 1.6.0"]

commit cargo-audit-advisory-db for openSUSE:Factory

Reply via email to