Download
| Alert*
oval:org.secpod.oval:def:506139
clippy is installed oval:org.secpod.oval:def:506290 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust . Security Fix: * rust: optimization for joining strings can cause uninitialized bytes ... oval:org.secpod.oval:def:73625 Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages have been upgraded to a later upstream version: rust . Security Fix: * rust: use-after-free or double free in VecDeque::make_contiguous * rust: memory safety vi ... oval:org.secpod.oval:def:4501302 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust . Security Fix: * rust: incorrect parsing of extraneous zero characters at the beginni ... oval:org.secpod.oval:def:2500513 Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. oval:org.secpod.oval:def:1505217 rust-toolset [1.54.0-1] - Update to Rust and Cargo 1.54.0. [1.53.0-1] - Update to Rust and Cargo 1.53.0. rust [1.54.0-2] - Make std-static-wasm* arch-specific to avoid s390x. [1.54.0-1] - Update to 1.54.0. [1.53.0-2] - Use llvm-ranlib to fix wasm archives. [1.53.0-1] - Update to 1.53.0. [1.52.1-2] - ... oval:org.secpod.oval:def:4501270 Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages have been upgraded to a later upstream version: rust . Security Fix: * rust: use-after-free or double free in VecDeque::make_contiguous * rust: memory safety vi ... oval:org.secpod.oval:def:1504913 rust [1.49.0-1] - Update to 1.49.0. [1.48.0-1] - Update to 1.48.0. rust-toolset [1.49.0-1] - Update to Rust and Cargo 1.49.0. [1.48.0-1] - Update to Rust and Cargo 1.48.0. oval:org.secpod.oval:def:4500092 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust . For more details about the security issue, including the impact, a CVSS score, ackno ... oval:org.secpod.oval:def:1505058 rust [1.52.1-1] - Update to 1.52.1. Includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. [1.51.0-1] - Update to 1.51.0. Update to 1.51.0. Includes security fixes for CVE-2021-28875 and CVE-2021-28877. [1.50.0-1] - Update to 1.50.0. rust-tool ... oval:org.secpod.oval:def:2500220 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. oval:org.secpod.oval:def:507909 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fix: * rust-cargo: cargo does not respect the umask when extracting dependencies For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:1701584 Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local us ... oval:org.secpod.oval:def:1506971 [1.66.1-2] - rust-cargo: cargo does not respect the umask when extracting dependencies oval:org.secpod.oval:def:1506970 [1.66.1-2] - rust-cargo: cargo does not respect the umask when extracting dependencies oval:org.secpod.oval:def:507913 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fix: * rust-cargo: cargo does not respect the umask when extracting dependencies For more details about the security issue, including the impact, a CVSS ... oval:org.secpod.oval:def:19500388 Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local us ... oval:org.secpod.oval:def:1702060 Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may inject nearly arbitrary ... oval:org.secpod.oval:def:19500576 Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may inject nearly arbitrary ... oval:org.secpod.oval:def:19500121 Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle attacks. This vulnerability has been assigned CVE-2022-46176. A ... oval:org.secpod.oval:def:19500656 libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to 'git_revparse_single' can cause the function to enter an infinite loop, potentially causing a Denial ... oval:org.secpod.oval:def:19500651 RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 oval:org.secpod.oval:def:1505674 rust [1.58.1-1] - Update to 1.58.1. [1.58.0-1] - Update to 1.58.0. [1.57.0-1] - Update to 1.57.0. [1.56.1-2] - Add rust-std-static-wasm32-wasi Resolves: rhbz#1980080 [1.56.0-1] - Update to 1.56.1. [1.55.0-1] - Update to 1.55.0. - Backport support for LLVM 13. [1.54.0-2] - Make std-static-wasm* arch- ... oval:org.secpod.oval:def:86343 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fix: * Developer environment: Unicode"s bidirectional override characters can cause trojan source attacks The following changes were introduced in rust ... oval:org.secpod.oval:def:2500328 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. oval:org.secpod.oval:def:4501245 Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fix: * Developer environment: Unicode"s bidirectional override characters can cause trojan source attacks The following changes were introduced in rust ... oval:org.secpod.oval:def:1505325 rust [1.54.0-3] - Lint against Unicode control codepoints. rust-toolset [1.54.0-1] - Update to Rust and Cargo 1.54.0. [1.53.0-1] - Update to Rust and Cargo 1.53.0. |