Memory corruption fixed in smallvec 2.0.0-alpha-6

[gendx]

According to servo/rust-smallvec#353, there was a memory corruption in smallvec 2.0.0-alpha.5. I didn't check the range of affected versions, although that bug report mentions that:

Smallvec 1.x works fine.

I don't know what's the policy for vulnerabilities in pre-release versions, but given that smallvec is used a lot (and the 2.0.0-alpha.x branch already has 8 reverse dependencies according to https://lib.rs/crates/smallvec/rev), it may be worth recording that in the advisory database.

Perhaps using the version range >= 2.0.0 <= 2.0.0-alpha.5 to be conservative (I'm not sure how the tool works w.r.t. version suffixes)?

[Skgland]

Isn't the >= 2.0.0 <= 2.0.0-alpha.5 range empty as 2.0.0-alpha.5 < 2.0.0?