Affected versions of this crate passed an unininitialized buffer to a
user-provided Read instance in Tape::take_bytes.
This can result in safe Read implementations reading from the uninitialized
buffer leading to undefined behavior.
The flaw was corrected in commit 1f2dc7f37dd by removing the unsafe block
and zero-initializing the buffer.
{
"license": "CC0-1.0"
}