MGASA-2021-0517
- Source
- https://advisories.mageia.org/MGASA-2021-0517.html
- Import Source
- https://advisories.mageia.org/MGASA-2021-0517.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2021-0517
- Related
- Published
- 2021-11-20T19:31:06Z
- Modified
- 2021-11-20T18:56:40Z
- Summary
- Updated rust packages fix security vulnerability
- Details
-
Updated rust packages fix security vulnerability
This update mitigates a security concern in the Unicode standard, affecting source code containing "bidirectional override" Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being different than the compiled code (CVE-2021-42574).
rustc mitigates the issue by issuing two new deny-by-default lints detecting the affected codepoints in string literals and in comments. The lints will prevent source code files containing those codepoints from being compiled, protecting developers and users from the attack.
This update also provides new features and bugfixes included in Rust since the previously packaged version 1.51.1. See the referenced release notes for details.
- References
-
- https://advisories.mageia.org/MGASA-2021-0517.html
- https://bugs.mageia.org/show_bug.cgi?id=29616
- https://www.openwall.com/lists/oss-security/2021/11/01/1
- https://blog.rust-lang.org/2021/05/06/Rust-1.52.0.html
- https://blog.rust-lang.org/2021/06/17/Rust-1.53.0.html
- https://blog.rust-lang.org/2021/07/29/Rust-1.54.0.html
- https://blog.rust-lang.org/2021/09/09/Rust-1.55.0.html
- https://blog.rust-lang.org/2021/10/21/Rust-1.56.0.html
- https://blog.rust-lang.org/2021/11/01/Rust-1.56.1.html
- Credits
-
-
- Mageia - COORDINATOR
-