| Description: | Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.
The following packages have been upgraded to a later upstream version: rust (1.52.1). (BZ#1953002)
Security Fix(es):
rust: optimization for joining strings can cause uninitialized bytes to be exposed (CVE-2020-36323)
rust: heap-based buffer overflow in read_to_end() because it does not validate the return value from Read in an unsafe context (CVE-2021-28875)
rust: panic safety issue in Zip implementation (CVE-2021-28876)
rust: memory safety violation in Zip implementation for nested iter::Zips (CVE-2021-28877)
rust: memory safety violation in Zip implementation when next_back() and next() are used together (CVE-2021-28878)
rust: integer overflow in the Zip implementation can lead to a buffer overflow (CVE-2021-28879)
rust: double free in Vec::from_iter function if freeing the element panics (CVE-2021-31162)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
For information on usage, see Using Rust Toolset linked in the References section.
|