Описание
ELSA-2022-1894: rust-toolset:ol8 security, bug fix, and enhancement update (MODERATE)
rust [1.58.1-1]
- Update to 1.58.1.
[1.58.0-1]
- Update to 1.58.0.
[1.57.0-1]
- Update to 1.57.0.
[1.56.1-2]
- Add rust-std-static-wasm32-wasi Resolves: rhbz#1980080
[1.56.0-1]
- Update to 1.56.1.
[1.55.0-1]
- Update to 1.55.0.
- Backport support for LLVM 13.
[1.54.0-2]
- Make std-static-wasm* arch-specific to avoid s390x.
[1.54.0-1]
- Update to 1.54.0.
[1.53.0-2]
- Use llvm-ranlib to fix wasm archives.
[1.53.0-1]
- Update to 1.53.0.
[1.52.1-2]
- Set rust.codegen-units-std=1 for all targets again.
- Add rust-std-static-wasm32-unknown-unknown.
[1.52.1-1]
- Update to 1.52.1. Includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162.
[1.51.0-1]
- Update to 1.51.0. Update to 1.51.0. Includes security fixes for CVE-2021-28875 and CVE-2021-28877.
[1.50.0-1]
- Update to 1.50.0.
[1.49.0-1]
- Update to 1.49.0.
[1.48.0-1]
- Update to 1.48.0.
[1.47.0-1]
- Update to 1.47.0.
[1.46.0-1]
- Update to 1.46.0.
[1.45.2-1]
- Update to 1.45.2.
[1.45.0-1]
- Update to 1.45.0.
[1.44.1-1]
- Update to 1.44.1.
[1.43.1-1]
- Update to 1.43.1.
[1.43.0-1]
- Update to 1.43.0.
[1.42.0-1]
- Update to 1.42.0.
[1.41.1-1]
- Update to 1.41.1.
[1.41.0-1]
- Update to 1.41.0.
[1.40.0-1]
- Update to 1.40.0.
- Fix compiletest with newer (local-rebuild) libtest
- Build compiletest with in-tree libtest
- Fix ARM EHABI unwinding
[1.39.0-2]
- Fix a couple build and test issues with rustdoc.
[1.39.0-1]
- Update to 1.39.0.
[1.38.0-1]
- Update to 1.38.0.
[1.37.0-1]
- Update to 1.37.0.
- Disable libssh2 (git+ssh support).
[1.36.0-1]
- Update to 1.36.0.
[1.35.0-2]
- Fix compiletest for rebuild testing.
[1.35.0-1]
- Update to 1.35.0.
[1.34.2-1]
- Update to 1.34.2 -- fixes CVE-2019-12083.
[1.34.1-1]
- Update to 1.34.1.
[1.34.0-1]
- Update to 1.34.0.
[1.33.0-1]
- Update to 1.33.0.
[1.32.0-1]
- Update to 1.32.0.
[1.31.0-5]
- Restore rust-lldb.
[1.31.0-4]
- Backport fixes for rls.
[1.31.0-3]
- Update to 1.31.0 -- Rust 2018!
- clippy/rls/rustfmt are no longer -preview
[1.30.1-2]
- Update to 1.30.1.
[1.29.2-1]
- Update to 1.29.2.
[1.28.0-1]
- Update to 1.28.0.
[1.27.2-1]
- Update to 1.27.2.
[1.26.2-12]
- Fix 'fp' target feature for AArch64 (#1632880)
[1.26.2-11]
- Security fix for str::repeat (pending CVE).
[1.26.2-10]
- Rebuild without bootstrap binaries.
[1.26.2-9]
- Bootstrap without SCL packaging. (rhbz1635067)
[1.26.2-8]
- Use python3 prefix for lldb Requires
[1.26.2-7]
- Build with platform-python
[1.26.2-6]
- Exclude rust-src from auto-requires
[1.26.2-5]
- Rebuild without bootstrap binaries.
[1.26.2-4]
- Bootstrap as a module.
[1.26.2-3]
- Update to 1.26.2.
[1.26.1-2]
- Update to 1.26.1.
[1.26.0-1]
- Update to 1.26.0.
[1.25.0-2]
- Filter codegen-backends from Provides too.
[1.25.0-1]
- Update to 1.25.0.
- Add rustfmt-preview as a subpackage.
[1.24.0-1]
- Update to 1.24.0.
[1.23.0-2]
- Rebuild without bootstrap binaries.
[1.23.0-1]
- Bootstrap 1.23 on el8.
rust-toolset [1.58.1-1]
- Update to Rust and Cargo 1.58.1.
[1.58.0-1]
- Update to Rust and Cargo 1.58.0.
[1.57.0-1]
- Update to Rust and Cargo 1.57.0.
[1.56.1-1]
- Update to Rust and Cargo 1.56.1.
[1.55.0-1]
- Update to Rust and Cargo 1.55.0.
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module rust-toolset:ol8 is enabled
cargo
1.58.1-1.module+el8.6.0+20563+1eb4e043
cargo-doc
1.58.1-1.module+el8.6.0+20563+1eb4e043
clippy
1.58.1-1.module+el8.6.0+20563+1eb4e043
rls
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-analysis
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-debugger-common
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-doc
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-gdb
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-lldb
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-src
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-std-static
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-std-static-wasm32-unknown-unknown
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-std-static-wasm32-wasi
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-toolset
1.58.1-1.module+el8.6.0+20563+1eb4e043
rustfmt
1.58.1-1.module+el8.6.0+20563+1eb4e043
Oracle Linux x86_64
Module rust-toolset:ol8 is enabled
cargo
1.58.1-1.module+el8.6.0+20563+1eb4e043
cargo-doc
1.58.1-1.module+el8.6.0+20563+1eb4e043
clippy
1.58.1-1.module+el8.6.0+20563+1eb4e043
rls
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-analysis
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-debugger-common
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-doc
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-gdb
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-lldb
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-src
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-std-static
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-std-static-wasm32-unknown-unknown
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-std-static-wasm32-wasi
1.58.1-1.module+el8.6.0+20563+1eb4e043
rust-toolset
1.58.1-1.module+el8.6.0+20563+1eb4e043
rustfmt
1.58.1-1.module+el8.6.0+20563+1eb4e043
Связанные CVE
Связанные уязвимости
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being aff...
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being aff...
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affect
Rust is a multi-paradigm, general-purpose programming language designe ...
