Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. rand_core::BlockRng::next_u64
and rand_core::BlockRng::fill_bytes
are affected.
The flaw was corrected by Ralf Jung and Diggory Hardy for rand_core >= 0.4.2
.
None.
See Rand’s changelog.
If you have any questions or comments about this advisory, open an issue in the Rand repository.