add cve info to advisories (#1099)

alexanderkjall · Shnatsel · web-flow · commit f4a897370633 · 2021-11-06T21:37:35.000+01:00
* add cve info to advisories

* Put `aliases` field in the proper place

It should not be under `[versions]`

* move `aliases` to the proper place

Co-authored-by: Sergey "Shnatsel" Davidoff &lt;shnatsel@gmail.com&gt;
diff --git a/crates/algorithmica/RUSTSEC-2021-0053.md b/crates/algorithmica/RUSTSEC-2021-0053.md
@@ -5,6 +5,7 @@ package = "algorithmica"
 date = "2021-03-07"
 url = "https://github.com/AbrarNitk/algorithmica/issues/1"
 categories = ["memory-corruption"]
+aliases = ["CVE-2021-31996"]
 
 [versions]
 patched = []
diff --git a/crates/ammonia/RUSTSEC-2021-0074.md b/crates/ammonia/RUSTSEC-2021-0074.md
@@ -6,6 +6,7 @@ date = "2021-07-08"
 url = "https://github.com/rust-ammonia/ammonia/pull/142"
 categories = ["format-injection"]
 keywords = ["html", "xss"]
+aliases = ["CVE-2021-38193"]
 
 [versions]
 patched = [">= 3.1.0", ">= 2.1.3, < 3.0.0"]
diff --git a/crates/anymap/RUSTSEC-2021-0065.md b/crates/anymap/RUSTSEC-2021-0065.md
@@ -5,6 +5,8 @@ package = "anymap"
 date = "2021-05-07"
 informational = "unmaintained"
 url = "https://github.com/chris-morgan/anymap/issues/37"
+aliases = ["CVE-2021-38187"]
+
 [versions]
 patched = []
 unaffected = []
diff --git a/crates/ark-r1cs-std/RUSTSEC-2021-0075.md b/crates/ark-r1cs-std/RUSTSEC-2021-0075.md
@@ -6,6 +6,7 @@ date = "2021-07-08"
 categories = ["crypto-failure"]
 keywords = ["r1cs", "zksnark", "arkworks"]
 url = "https://github.com/arkworks-rs/r1cs-std/pull/70"
+aliases = ["CVE-2021-38194"]
 
 [versions]
 patched = [">= 0.3.1"]
diff --git a/crates/better-macro/RUSTSEC-2021-0077.md b/crates/better-macro/RUSTSEC-2021-0077.md
@@ -6,6 +6,7 @@ date = "2021-07-22"
 url = "https://github.com/raycar5/better-macro/blob/24ff1702397b9c19bbfa4c660e2316cd77d3b900/src/lib.rs#L36-L38"
 categories = ["code-execution"]
 keywords = ["rce", "proc-macro"]
+aliases = ["CVE-2021-38196"]
 
 [affected]
 functions = { "better_macro::println" = ["> 1.0.0"] }
diff --git a/crates/comrak/RUSTSEC-2021-0063.md b/crates/comrak/RUSTSEC-2021-0063.md
@@ -6,6 +6,7 @@ date = "2021-05-04"
 url = "https://github.com/kivikakk/comrak/releases/tag/0.10.1"
 categories = ["format-injection"]
 keywords = ["xss"]
+aliases = ["CVE-2021-38186"]
 
 [versions]
 patched = [">= 0.10.1"]
diff --git a/crates/iced-x86/RUSTSEC-2021-0068.md b/crates/iced-x86/RUSTSEC-2021-0068.md
@@ -5,6 +5,7 @@ package = "iced-x86"
 date = "2021-05-19"
 url = "https://github.com/icedland/iced/issues/168"
 keywords = ["soundness"]
+aliases = ["CVE-2021-38188"]
 
 [affected]
 functions = { "iced_x86::Decoder::new" = ["<= 1.10.3"] }
diff --git a/crates/libsecp256k1/RUSTSEC-2021-0076.md b/crates/libsecp256k1/RUSTSEC-2021-0076.md
@@ -5,6 +5,8 @@ package = "libsecp256k1"
 date = "2021-07-13"
 url = "https://github.com/paritytech/libsecp256k1/pull/67"
 categories = ["crypto-failure"]
+aliases	= ["CVE-2021-38195"]
+
 [versions]
 patched = [">= 0.5.0"]
 ```
diff --git a/crates/nalgebra/RUSTSEC-2021-0070.md b/crates/nalgebra/RUSTSEC-2021-0070.md
@@ -6,6 +6,7 @@ date = "2021-06-06"
 url = "https://github.com/dimforge/nalgebra/issues/883"
 categories = ["memory-corruption", "memory-exposure"]
 keywords = ["memory-safety"]
+aliases = ["CVE-2021-38190"]
 
 [versions]
 patched = [">= 0.27.1"]
diff --git a/crates/prost-types/RUSTSEC-2021-0073.md b/crates/prost-types/RUSTSEC-2021-0073.md
@@ -6,6 +6,7 @@ date = "2021-07-08"
 url = "https://github.com/tokio-rs/prost/issues/438"
 categories = ["denial-of-service"]
 keywords = ["denial-of-service"]
+aliases = ["CVE-2021-38192"]
 
 [versions]
 patched = [">= 0.8.0"]
diff --git a/crates/tokio/RUSTSEC-2021-0072.md b/crates/tokio/RUSTSEC-2021-0072.md
@@ -6,6 +6,7 @@ date = "2021-07-07"
 url = "https://github.com/tokio-rs/tokio/issues/3929"
 categories = ["memory-corruption"]
 keywords = ["race condition", "send"]
+aliases = ["CVE-2021-38191"]
 
 [affected]
 functions = { "tokio::task::JoinHandle::abort" = ["<= 1.8.0, >= 0.3.0"] }
