stable

rust-1.51.0-3.el7

FEDORA-EPEL-2021-044df87bd4 created by jistone 4 years ago for Fedora EPEL 7

Security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162.

These are memory safety bugs in the Rust standard library. Because it is statically linked, affected applications will need to be rebuilt to benefit from the fixes. The actual security implications will depend on how these APIs are used in each particular case.

This update has been submitted for testing by jistone.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update's test gating status has been changed to 'waiting'.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update has been pushed to testing.

4 years ago

This update can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
4 years ago
in testing
4 years ago
in stable
3 years ago
BZ#1949198 CVE-2021-28876 rust: panic safety issue in Zip implementation
0
0
BZ#1949200 CVE-2021-28876 rust: panic safety issue in Zip implementation [epel-7]
0
0
BZ#1949207 CVE-2021-28878 rust: memory safety violation in Zip implementation when next_back() and next() are used together
0
0
BZ#1949209 CVE-2021-28878 rust: memory safety violation in Zip implementation when next_back() and next() are used together [epel-7]
0
0
BZ#1949211 CVE-2021-28879 rust: integer overflow in the Zip implementation can lead to a buffer overflow
0
0
BZ#1949213 CVE-2021-28879 rust: integer overflow in the Zip implementation can lead to a buffer overflow [epel-7]
0
0
BZ#1950396 CVE-2020-36323 rust: optimization for joining strings can cause uninitialized bytes to be exposed
0
0
BZ#1950398 CVE-2021-31162 rust: double free in Vec::from_iter function if freeing the element panics
0
0
BZ#1950401 CVE-2021-31162 rust: double free in Vec::from_iter function if freeing the element panics [epel-7]
0
0
BZ#1950486 CVE-2020-36323 rust: optimization for joining strings can cause uninitialized bytes to be exposed [epel-7]
0
0

Automated Test Results

Test Cases

0 0 Test Case rust compile