Moderate: rust-toolset:rhel8 security, bug fix, and enhancement update

2021-08-1011:59:11

errata.almalinux.org

0.017 Low

EPSS

Percentile

87.8%

JSON

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.

The following packages have been upgraded to a later upstream version: rust (1.52.1). (BZ#1953002)

Security Fix(es):

rust: optimization for joining strings can cause uninitialized bytes to be exposed (CVE-2020-36323)
rust: heap-based buffer overflow in read_to_end() because it does not validate the return value from Read in an unsafe context (CVE-2021-28875)
rust: panic safety issue in Zip implementation (CVE-2021-28876)
rust: memory safety violation in Zip implementation for nested iter::Zips (CVE-2021-28877)
rust: memory safety violation in Zip implementation when next_back() and next() are used together (CVE-2021-28878)
rust: integer overflow in the Zip implementation can lead to a buffer overflow (CVE-2021-28879)
rust: double free in Vec::from_iter function if freeing the element panics (CVE-2021-31162)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

For information on usage, see Using Rust Toolset linked in the References section.

OSVersionArchitecturePackageVersionFilename
almalinux8x86_64cargo< 1.52.1-1.module_el8.4.0+2520+0729bac9cargo-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux8noarchcargo-doc< 1.52.1-1.module_el8.4.0+2520+0729bac9cargo-doc-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm
almalinux8x86_64clippy< 1.52.1-1.module_el8.4.0+2520+0729bac9clippy-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux8x86_64rls< 1.52.1-1.module_el8.4.0+2520+0729bac9rls-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux8x86_64rust< 1.52.1-1.module_el8.4.0+2520+0729bac9rust-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux8x86_64rust-analysis< 1.52.1-1.module_el8.4.0+2520+0729bac9rust-analysis-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux8noarchrust-debugger-common< 1.52.1-1.module_el8.4.0+2520+0729bac9rust-debugger-common-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm
almalinux8x86_64rust-doc< 1.52.1-1.module_el8.4.0+2520+0729bac9rust-doc-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux8noarchrust-gdb< 1.52.1-1.module_el8.4.0+2520+0729bac9rust-gdb-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm
almalinux8noarchrust-lldb< 1.52.1-1.module_el8.4.0+2520+0729bac9rust-lldb-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	8	x86_64	cargo	< 1.52.1-1.module_el8.4.0+2520+0729bac9	cargo-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux	8	noarch	cargo-doc	< 1.52.1-1.module_el8.4.0+2520+0729bac9	cargo-doc-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm
almalinux	8	x86_64	clippy	< 1.52.1-1.module_el8.4.0+2520+0729bac9	clippy-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux	8	x86_64	rls	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rls-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux	8	x86_64	rust	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rust-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux	8	x86_64	rust-analysis	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rust-analysis-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux	8	noarch	rust-debugger-common	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rust-debugger-common-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm
almalinux	8	x86_64	rust-doc	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rust-doc-1.52.1-1.module_el8.4.0+2520+0729bac9.x86_64.rpm
almalinux	8	noarch	rust-gdb	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rust-gdb-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm
almalinux	8	noarch	rust-lldb	< 1.52.1-1.module_el8.4.0+2520+0729bac9	rust-lldb-1.52.1-1.module_el8.4.0+2520+0729bac9.noarch.rpm