rustsec · pinkforest · Aug 14, 2022 · Aug 14, 2022 · Aug 14, 2022
diff --git a/crates/tempdir/RUSTSEC-2018-0017.md b/crates/tempdir/RUSTSEC-2018-0017.md
@@ -13,5 +13,4 @@ unaffected = []
 
 # `tempdir` crate has been deprecated; use `tempfile` instead
 
-The [`tempdir`](https://crates.io/crates/tempdir) crate has been deprecated
-and the functionality is merged into [`tempfile`](https://crates.io/crates/tempfile).
+The [`tempdir`](https://crates.io/crates/tempdir) crate has been deprecated.
diff --git a/crates/tempfile/RUSTSEC-0000-0000.md b/crates/tempfile/RUSTSEC-0000-0000.md
@@ -0,0 +1,17 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "tempfile"
+date = "2022-05-01"
+url = "https://github.com/Stebalien/tempfile/issues/178"
+references = ["https://github.com/Stebalien/tempfile/pull/141", "https://github.com/Stebalien/tempfile/pull/162", "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File"]
+keywords = ["tempfile"]
+[versions]
+patched = []
+```
+
+# tempfile uses predictable RNG
+
+tempfile makes security guarantees that are not met by using predictable random number generator.
+
+The vectors may or may not vary by the platform and the use of the library.
diff --git a/crates/temporary/RUSTSEC-2018-0022.md b/crates/temporary/RUSTSEC-2018-0022.md
@@ -28,5 +28,3 @@ fn random_seed(_: &Path, _: &str) -> [u64; 2] {
 This has been resolved in the 0.6.4 release.
 
 The crate is not intended to be used outside of a testing environment.
-
-For a general purpose crate to create temporary directories, [`tempfile`](https://crates.io/crates/tempfile) is an alternative for this crate.
Original file line number	Diff line number	Diff line change
Expand Up		@@ -28,5 +28,3 @@ fn random_seed(_: &Path, _: &str) -> [u64; 2] {
		This has been resolved in the 0.6.4 release.

		The crate is not intended to be used outside of a testing environment.

		For a general purpose crate to create temporary directories, [`tempfile`](https://crates.io/crates/tempfile) is an alternative for this crate.