MGASA-2021-0251
- Source
- https://advisories.mageia.org/MGASA-2021-0251.html
- Import Source
- https://advisories.mageia.org/MGASA-2021-0251.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2021-0251
- Related
- Published
- 2021-06-13T21:32:39Z
- Modified
- 2021-06-13T20:17:14Z
- Summary
- Updated rust packages fix security vulnerabilities
- Details
-
This Rust update to version 1.52.1 includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. These are memory safety bugs in the Rust standard library. Because it is statically linked, affected applications will need to be rebuilt to benefit from the fixes. The actual security implications will depend on how these APIs are used in each particular case.
This update also provides new features and bugfixes included in Rust since the previously packaged version 1.49.0. See the referenced release notes for details.
The mozjs78 package is also updated from version 78.7.0 to 78.11.0 (ESR).
- References
-
- https://advisories.mageia.org/MGASA-2021-0251.html
- https://bugs.mageia.org/show_bug.cgi?id=29033
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5/
- https://blog.rust-lang.org/2021/02/11/Rust-1.50.0.html
- https://blog.rust-lang.org/2021/03/25/Rust-1.51.0.html
- https://blog.rust-lang.org/2021/05/06/Rust-1.52.0.html
- https://blog.rust-lang.org/2021/05/10/Rust-1.52.1.html
- Credits
-
-
- Mageia - COORDINATOR
-