Updated rust packages fix security vulnerabilities

2021-06-1400:32:39

Gentoo Foundation

advisories.mageia.org

0.017 Low

EPSS

Percentile

87.7%

JSON

This Rust update to version 1.52.1 includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. These are memory safety bugs in the Rust standard library. Because it is statically linked, affected applications will need to be rebuilt to benefit from the fixes. The actual security implications will depend on how these APIs are used in each particular case. This update also provides new features and bugfixes included in Rust since the previously packaged version 1.49.0. See the referenced release notes for details. The mozjs78 package is also updated from version 78.7.0 to 78.11.0 (ESR).

OSVersionArchitecturePackageVersionFilename
Mageia8noarchrust< 1.52.1-1rust-1.52.1-1.mga8
Mageia8noarchalacritty< 0.7.1-1.1alacritty-0.7.1-1.1.mga8
Mageia8noarchcargo-c< 0.7.0-1.1cargo-c-0.7.0-1.1.mga8
Mageia8noarchdust< 0.5.1-1.1dust-0.5.1-1.1.mga8
Mageia8noarchlibrsvg< 2.50.3-1.1librsvg-2.50.3-1.1.mga8
Mageia8noarchmozjs68< 68.11.0-1.1mozjs68-68.11.0-1.1.mga8
Mageia8noarchmozjs78< 78.11.0-1mozjs78-78.11.0-1.mga8
Mageia8noarchneovim-gtk< 0.2.0-0.git20190512.2.1neovim-gtk-0.2.0-0.git20190512.2.1.mga8
Mageia8noarchripgrep< 12.1.1-1.1ripgrep-12.1.1-1.1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	rust	< 1.52.1-1	rust-1.52.1-1.mga8
Mageia	8	noarch	alacritty	< 0.7.1-1.1	alacritty-0.7.1-1.1.mga8
Mageia	8	noarch	cargo-c	< 0.7.0-1.1	cargo-c-0.7.0-1.1.mga8
Mageia	8	noarch	dust	< 0.5.1-1.1	dust-0.5.1-1.1.mga8
Mageia	8	noarch	librsvg	< 2.50.3-1.1	librsvg-2.50.3-1.1.mga8
Mageia	8	noarch	mozjs68	< 68.11.0-1.1	mozjs68-68.11.0-1.1.mga8
Mageia	8	noarch	mozjs78	< 78.11.0-1	mozjs78-78.11.0-1.mga8
Mageia	8	noarch	neovim-gtk	< 0.2.0-0.git20190512.2.1	neovim-gtk-0.2.0-0.git20190512.2.1.mga8
Mageia	8	noarch	ripgrep	< 12.1.1-1.1	ripgrep-12.1.1-1.1.mga8