1<!-- Copyright 2023 The Fuchsia Authors 2 3Licensed under a BSD-style license <LICENSE-BSD>, Apache License, Version 2.0 4<LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0>, or the MIT 5license <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your option. 6This file may not be copied, modified, or distributed except according to 7those terms. --> 8 9# Changelog 10 11## Releases 12 13We track releases and release notes using [GitHub 14Releases](https://github.com/google/zerocopy/releases). 15 16## Yanks and Regressions 17 18### 0.2.2 through 0.2.8, 0.3.0 through 0.3.1, 0.4.0, 0.5.0, 0.6.0 through 0.6.5, 0.7.0 through 0.7.30 19 20*Security advisories for this bug have been published as 21[RUSTSEC-2023-0074][rustsec-advisory] and [GHSA-3mv5-343c-w2qg][github-advisory].* 22 23In these versions, the `Ref` methods `into_ref`, `into_mut`, `into_slice`, and 24`into_mut_slice` were permitted in combination with the standard library 25`cell::Ref` and `cell::RefMut` types for `Ref<B, T>`'s `B` type parameter. These 26combinations are unsound, and may permit safe code to exhibit undefined 27behavior. Fixes have been published to each affected minor version which do not 28permit this code to compile. 29 30See [#716][issue-716] for more details. 31 32[rustsec-advisory]: https://rustsec.org/advisories/RUSTSEC-2023-0074.html 33[github-advisory]: https://github.com/google/zerocopy/security/advisories/GHSA-3mv5-343c-w2qg 34[issue-716]: https://github.com/google/zerocopy/issues/716 35 36### 0.7.27, 0.7.28 37 38These versions were briefly yanked due to a non-soundness regression reported in 39[#672][pull-672]. After reconsidering our yanking policy in [#679][issue-679], 40we un-yanked these versions. 41 42[pull-672]: https://github.com/google/zerocopy/pull/672 43[issue-679]: https://github.com/google/zerocopy/issues/679 44