Stream: wg-secure-code

Topics:

• cargo dephell (4 messages, latest: Jul 15 2021 at 11:49)
• Statically-linked C/C++ libraries (13 messages, latest: Jul 06 2021 at 18:41)
• OSV PR review (19 messages, latest: Jul 02 2021 at 23:44)
• patched = ["x.y.z"] without operators (3 messages, latest: Jul 01 2021 at 23:40)
• OSV blog post (3 messages, latest: Jun 25 2021 at 19:53)
• OSV and yanked (32 messages, latest: Jun 24 2021 at 13:43)
• CVE assignment by RustSec (253 messages, latest: Jun 11 2021 at 21:31)
• Python gets an advisory DB (3 messages, latest: Jun 05 2021 at 19:52)
• RustSec (551 messages, latest: Jun 03 2021 at 00:38)
• build-time sandboxing (264 messages, latest: May 25 2021 at 00:25)
• RustSec CI breakage (42 messages, latest: May 22 2021 at 21:57)
• flatbuffer unsoundness (5 messages, latest: May 10 2021 at 13:14)
• rustsec monorepo (12 messages, latest: May 07 2021 at 20:47)
• web site updates (7 messages, latest: May 03 2021 at 22:38)
• cargo supply-chain (19 messages, latest: May 03 2021 at 16:13)
• cargo-audit binary releases (3 messages, latest: Apr 29 2021 at 14:00)
• cves in rust as per gentoo thread (4 messages, latest: Apr 13 2021 at 04:18)
• RustSec and unsound Read (9 messages, latest: Apr 12 2021 at 04:12)
• Memory safety bugs in Rust std (1 message, latest: Apr 08 2021 at 23:08)
• parking_lot atomic ordering fix (1 message, latest: Apr 07 2021 at 09:22)
• Issue 83618: Double free in Vec::from_iter specialization (2 messages, latest: Mar 28 2021 at 21:35)
• cargo-audit pre-built binaries using GitHub Actions (2 messages, latest: Mar 25 2021 at 02:08)
• rustsec.org gh-pages branch (57 messages, latest: Mar 06 2021 at 19:58)
• send-sync-trait-bounds (16 messages, latest: Mar 04 2021 at 15:43)
• PyPI malware attack (8 messages, latest: Mar 03 2021 at 18:59)
• Paper: Präzi: Call-based Dependency Networks (55 messages, latest: Mar 02 2021 at 19:01)
• RUSTSEC-2020-0146: generic-array lifetime extension (28 messages, latest: Mar 02 2021 at 17:41)
• CVE Updates (4 messages, latest: Feb 26 2021 at 00:54)
• Hidden unsafe due to unintentionally abusable macros (6 messages, latest: Feb 24 2021 at 21:36)
• "property-based" fuzzing (4 messages, latest: Feb 24 2021 at 20:37)
• Std zip soundness issues (3 messages, latest: Feb 23 2021 at 00:34)
• context for crate rename advisories (21 messages, latest: Feb 22 2021 at 22:37)
• Stack smash protection (53 messages, latest: Feb 19 2021 at 15:44)
• Chris Palmer - "Maybe We Can Have Nice Things" (8 messages, latest: Feb 18 2021 at 18:24)
• Is core part of the compiler? (26 messages, latest: Feb 18 2021 at 16:18)
• Deserialization and unsafe fields (4 messages, latest: Feb 14 2021 at 06:43)
• Google's "know, prevent, fix" (7 messages, latest: Feb 12 2021 at 02:01)
• Dependency confusion attack (3 messages, latest: Feb 12 2021 at 01:34)
• unsafe, Send, and Sync (1 message, latest: Feb 05 2021 at 16:02)
• RustSec advisories on crates.io (16 messages, latest: Feb 04 2021 at 20:07)
• deps.rs and the RustSec DB (7 messages, latest: Feb 01 2021 at 19:47)
• RustSec communications (29 messages, latest: Jan 30 2021 at 20:29)
• thread-safety category (6 messages, latest: Jan 27 2021 at 01:22)
• RustSec praise (2 messages, latest: Jan 22 2021 at 04:45)
• rustsec.org publish automation (3 messages, latest: Jan 11 2021 at 18:39)
• cargo-audit version resolution bug (11 messages, latest: Jan 08 2021 at 19:51)
• mdbook vulnerability (5 messages, latest: Jan 06 2021 at 16:17)
• Apple arm sanitizers (3 messages, latest: Jan 01 2021 at 17:04)
• cargo now has reproducible builds support (1 message, latest: Dec 29 2020 at 20:52)
• Undefined behavior is a security bug? (4 messages, latest: Dec 19 2020 at 15:37)
• When is rustsec.org synchronized (14 messages, latest: Dec 18 2020 at 16:41)
• GitHub Discussions (1 message, latest: Dec 08 2020 at 20:39)
• Integration into crates.io (6 messages, latest: Dec 01 2020 at 21:38)
• reporting-preference (13 messages, latest: Nov 25 2020 at 17:45)
• criteria for categories (17 messages, latest: Nov 19 2020 at 01:07)
• Implications of using slice::as_ptr for mutable access (13 messages, latest: Nov 14 2020 at 13:14)
• Hunting for malicious packages on PyPI (3 messages, latest: Nov 13 2020 at 19:53)
• CVE-2020-28367 and CVE-2020-28366 (1 message, latest: Nov 12 2020 at 22:42)
• symbolic execution (24 messages, latest: Nov 11 2020 at 16:10)
• Config file for cargo-audit (9 messages, latest: Nov 10 2020 at 20:48)
• unchecked arithmetic (66 messages, latest: Nov 08 2020 at 22:48)
• mio and libc::sockaddr (3 messages, latest: Nov 05 2020 at 19:14)
• How do programmers use unsafe Rust? (141 messages, latest: Oct 23 2020 at 17:09)
• tinyvec without default (3 messages, latest: Oct 20 2020 at 12:33)
• zeroize (4 messages, latest: Oct 16 2020 at 19:59)
• Joining the workng group? (31 messages, latest: Oct 10 2020 at 23:19)
• cargo-audit call graph analysis (4 messages, latest: Oct 05 2020 at 19:21)
• RustSec V3 format migration (4 messages, latest: Oct 02 2020 at 01:58)
• Hwo do programmers Use unsafe Rust? (26 messages, latest: Sep 27 2020 at 16:42)
• YAML for RustSec advisories (23 messages, latest: Sep 26 2020 at 16:45)
• cargo-lock 5.0.0 (7 messages, latest: Sep 26 2020 at 00:32)
• Possible advisory (9 messages, latest: Sep 16 2020 at 20:38)
• advisory (5 messages, latest: Sep 13 2020 at 21:54)
• RustSec audit of binary files (26 messages, latest: Sep 08 2020 at 22:30)
• Rust verification tools (6 messages, latest: Sep 08 2020 at 16:33)
• compartive-unsafety (29 messages, latest: Aug 18 2020 at 13:09)
• inserting linker sections (68 messages, latest: Aug 11 2020 at 19:17)
• rustsec crates and rust-audit (7 messages, latest: Jul 31 2020 at 17:14)
• exploit mitigations (38 messages, latest: Jul 30 2020 at 00:15)
• cargo-geiger (3 messages, latest: Jul 15 2020 at 16:09)
• crates.io security advisory - 2020-07-14 (11 messages, latest: Jul 15 2020 at 00:41)
• ANSSI Guide to developing secure apps w/ Rust (4 messages, latest: Jun 26 2020 at 20:29)
• "unsound" informational advisories (52 messages, latest: Jun 26 2020 at 12:50)
• proc_macro_hack and asan (6 messages, latest: Jun 25 2020 at 11:18)
• built crate (2 messages, latest: Jun 22 2020 at 21:16)
• ureq (4 messages, latest: Jun 17 2020 at 16:23)
• warning for unused crate dependencies (3 messages, latest: May 28 2020 at 16:48)
• discussion platforms (38 messages, latest: May 23 2020 at 18:47)
• miri is great (43 messages, latest: May 17 2020 at 08:46)
• C++ is faster and safer than Rust!#$!#$ (4 messages, latest: May 14 2020 at 13:04)
• Deprecate cargo-audit in favor of cargo-deny? (1 message, latest: May 13 2020 at 19:03)
• discontinuing cargo-repro -> rebuilderd (3 messages, latest: May 10 2020 at 23:25)
• grepping all of crates.io (62 messages, latest: May 04 2020 at 13:52)
• dirs and directories unmaintained? (3 messages, latest: Apr 29 2020 at 16:57)
• rebuilderd (1 message, latest: Apr 28 2020 at 16:31)
• smol (1 message, latest: Apr 27 2020 at 14:07)
• Paper: Understanding Memory and Thread Safety Practices… (6 messages, latest: Apr 27 2020 at 12:01)
• "RUSTSEC-2020-0011 is not a security vulnerability" (4 messages, latest: Apr 26 2020 at 00:17)
• Oh C (14 messages, latest: Apr 21 2020 at 14:37)
• malicious packages (10 messages, latest: Apr 19 2020 at 13:56)
• Quantifying Rust's safety (6 messages, latest: Mar 18 2020 at 14:47)
• mem-markers (2 messages, latest: Mar 12 2020 at 17:09)
• NCC RustCrypto Audit (1 message, latest: Feb 27 2020 at 07:23)
• Secure Code WG Team (7 messages, latest: Feb 19 2020 at 01:57)
• Security linter? (4 messages, latest: Feb 03 2020 at 16:42)
• Is it safe? (22 messages, latest: Jan 30 2020 at 22:39)
• 2020 roadmap (1 message, latest: Jan 22 2020 at 22:11)
• async and HTTP client rant (83 messages, latest: Jan 22 2020 at 01:10)
• ripgrep slowness (19 messages, latest: Jan 19 2020 at 18:24)
• hacspec (6 messages, latest: Jan 14 2020 at 13:30)
• rand_chacha round reduction (1 message, latest: Jan 13 2020 at 20:16)
• cfnts (14 messages, latest: Jan 09 2020 at 00:27)
• safe FFI to C++ (2 messages, latest: Jan 08 2020 at 22:14)
• crate security (118 messages, latest: Jan 08 2020 at 15:17)
• #[sensitive] attribute for zeroization (1 message, latest: Jan 07 2020 at 21:48)
• Safe transmutes (4 messages, latest: Dec 29 2019 at 15:21)
• rust for low level security (56 messages, latest: Dec 21 2019 at 19:12)
• clippy security lints (14 messages, latest: Dec 20 2019 at 10:39)
• lint for unconstrained lifetimes in return type (9 messages, latest: Dec 17 2019 at 20:29)
• Reproducible builds (55 messages, latest: Dec 17 2019 at 19:15)
• Logo 2.0 (4 messages, latest: Dec 17 2019 at 01:41)
• Warning when using yanked crate? (5 messages, latest: Dec 13 2019 at 05:17)
• runtime sandboxing (9 messages, latest: Dec 02 2019 at 23:24)
• Help wanted for making mem::zeroed/uninititalized safer (8 messages, latest: Nov 29 2019 at 18:15)
• security-related crates (17 messages, latest: Nov 29 2019 at 18:07)
• scudo / gwpasan (5 messages, latest: Nov 29 2019 at 15:39)
• clap vulnerability? (6 messages, latest: Nov 24 2019 at 09:02)
• Unsoundness in Pin (1 message, latest: Nov 18 2019 at 04:53)
• uninit-mem-read (4 messages, latest: Nov 07 2019 at 17:44)
• safety-dance (76 messages, latest: Nov 05 2019 at 19:25)
• cargo-audit (53 messages, latest: Nov 04 2019 at 16:50)
• Rust 2020 blogs (1 message, latest: Oct 29 2019 at 20:49)
• Rust Leadership Sync (17 messages, latest: Oct 25 2019 at 18:29)
• crates.io security (21 messages, latest: Oct 22 2019 at 23:29)
• floorplan (2 messages, latest: Oct 22 2019 at 23:29)
• left-pad index (6 messages, latest: Oct 18 2019 at 20:41)
• Disclosure policy (14 messages, latest: Oct 13 2019 at 22:20)
• cargo-audit #23 (32 messages, latest: Oct 10 2019 at 15:29)
• asan false positives (5 messages, latest: Oct 09 2019 at 23:28)
• All Hands (11 messages, latest: Oct 09 2019 at 18:11)
• Unmaintained crates (3 messages, latest: Oct 07 2019 at 18:40)
• Rust 2020 (2 messages, latest: Sep 24 2019 at 21:06)
• #![repr(C)] accepted but ignored (2 messages, latest: Sep 24 2019 at 14:23)
• Github vuln notifications (7 messages, latest: Sep 23 2019 at 23:19)
• unsafe-fn (15 messages, latest: Sep 18 2019 at 16:29)
• make tidy enforce "SAFETY" comments? (2 messages, latest: Sep 18 2019 at 16:27)
• Requests to join WG (35 messages, latest: Sep 09 2019 at 09:00)
• Arbitrary (5 messages, latest: Sep 07 2019 at 12:15)
• Safety dance – Image (5 messages, latest: Sep 01 2019 at 16:17)
• Unsafety in abandoned crate (15 messages, latest: Aug 31 2019 at 20:02)
• projects (4 messages, latest: Aug 30 2019 at 15:40)
• Deterministic compilation (3 messages, latest: Aug 29 2019 at 20:25)
• preallocation in serde (47 messages, latest: Aug 29 2019 at 18:06)
• Comparing crates.io and GH code? (5 messages, latest: Aug 29 2019 at 06:51)
• use of unsafe (94 messages, latest: Aug 27 2019 at 19:08)
• secure-code cargo-crev proofs repository (2 messages, latest: Aug 27 2019 at 19:07)
• neqo (2 messages, latest: Aug 27 2019 at 19:04)
• str-from-utf8-with-validation (13 messages, latest: Aug 25 2019 at 19:09)
• CVE handling as a service (9 messages, latest: Aug 12 2019 at 15:57)
• Old crossbeam::queue causing SIGILL (10 messages, latest: Aug 12 2019 at 15:22)
• panics (74 messages, latest: Aug 11 2019 at 14:35)
• crates.io + GitHub (2 messages, latest: Jul 27 2019 at 22:38)
• obtaining crates.io tokens from subprocesses (9 messages, latest: Jul 25 2019 at 14:37)
• (non-)constant time (14 messages, latest: Jul 24 2019 at 20:33)
• RUSTSEC-2019-0011: memoffset (22 messages, latest: Jul 24 2019 at 15:19)
• RustSec call graph analysis (5 messages, latest: Jul 24 2019 at 12:02)
• Threshold for "vulnerability" (105 messages, latest: Jul 20 2019 at 21:14)
• meetings/syncs (13 messages, latest: Jul 20 2019 at 21:08)
• #black_magic in Rust community discord (40 messages, latest: Jul 20 2019 at 19:24)
• stats on vulnerabilities (7 messages, latest: Jul 20 2019 at 19:03)
• crates-audit (250 messages, latest: Jul 20 2019 at 19:00)
• zulip oauth (1 message, latest: Jul 19 2019 at 02:58)
• Problematic RFC for && and || for Option/Result (1 message, latest: Jul 16 2019 at 09:48)
• website, leads (3 messages, latest: Jul 10 2019 at 23:15)
• vec_append_from_within (11 messages, latest: Jul 01 2019 at 17:07)
• Safe code faster than unsafe?! (3 messages, latest: Jul 01 2019 at 16:51)
• Cryptography WG (1 message, latest: May 22 2019 at 17:07)
• Zeroize (https://crates.io/crates/zeroize) (129 messages, latest: May 22 2019 at 09:50)
• secure rng (156 messages, latest: May 21 2019 at 07:01)
• crates.io identity (9 messages, latest: May 17 2019 at 00:56)
• side-channel fuzzing (21 messages, latest: May 01 2019 at 10:39)
• 2019 roadmap (15 messages, latest: May 01 2019 at 10:36)
• automated fuzzing of stdlib (67 messages, latest: Apr 21 2019 at 20:26)
• workgroup organization (51 messages, latest: Mar 30 2019 at 15:43)
• static analysis tooling (8 messages, latest: Mar 20 2019 at 22:29)
• patching-previous-versions (13 messages, latest: Mar 19 2019 at 08:05)
• encoding crate versions in binaries (27 messages, latest: Mar 14 2019 at 15:55)
• hello (69 messages, latest: Mar 13 2019 at 23:08)
• logo (87 messages, latest: Mar 12 2019 at 20:59)
• another CVE in old stdlib (7 messages, latest: Feb 24 2019 at 22:13)
• fuzzing targets (22 messages, latest: Feb 23 2019 at 22:58)
• security badges (121 messages, latest: Feb 14 2019 at 19:40)
• meta (7 messages, latest: Feb 14 2019 at 03:34)
• integer-overflow-rfc (9 messages, latest: Feb 11 2019 at 06:34)
• integer-overflow (266 messages, latest: Feb 07 2019 at 18:48)
• Crypto Library Abstractions (4 messages, latest: Jan 29 2019 at 01:23)
• Cargo token disclosure vulnerability (2 messages, latest: Jan 29 2019 at 00:31)
• Security as 2019 goal (183 messages, latest: Jan 22 2019 at 02:00)
• random (14 messages, latest: Jan 15 2019 at 21:57)
• Dynamic analysis tooling (1 message, latest: Jan 14 2019 at 01:58)
• community norms on unsafe (2 messages, latest: Jan 10 2019 at 20:38)
• Angora (4 messages, latest: Dec 29 2018 at 11:43)
• stack overflow (2 messages, latest: Dec 16 2018 at 15:15)
• least authority crates (9 messages, latest: Dec 03 2018 at 21:33)
• cargo update CVE check (41 messages, latest: Dec 01 2018 at 19:26)
• Administrative (2 messages, latest: Nov 28 2018 at 20:16)
• 1000 ways to die in Rust FFI (4 messages, latest: Nov 27 2018 at 20:55)
• integration-test-only-apis (9 messages, latest: Nov 26 2018 at 22:27)
• yet another safe abstraction (20 messages, latest: Nov 24 2018 at 19:51)
• building boringssl (8 messages, latest: Nov 16 2018 at 22:31)
• project ideas? (27 messages, latest: Nov 05 2018 at 21:49)
• mitigations (9 messages, latest: Nov 05 2018 at 13:54)
• proving things (11 messages, latest: Oct 29 2018 at 19:19)
• is this exploitable? (13 messages, latest: Oct 25 2018 at 19:51)
• actionable work items (16 messages, latest: Oct 23 2018 at 18:42)
• RFC ideas (4 messages, latest: Oct 19 2018 at 18:04)
• correctness proofs (10 messages, latest: Oct 19 2018 at 17:24)
• Twitter (3 messages, latest: Oct 19 2018 at 13:54)
• Mission (3 messages, latest: Oct 18 2018 at 23:47)
• this-week-in (2 messages, latest: Oct 18 2018 at 20:54)
• Inter-crate dependencies in unsafe code (2 messages, latest: Oct 17 2018 at 21:46)

Last update: Jul 29 2021 at 21:15UTC