13 matches found
MiracleLinux 8 : rust-toolset:rhel8 (AXSA:2021-2146:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2146:01 advisory. rust: use-after-free or double free in VecDeque::makecontiguous CVE-2020-36318 rust: memory safety violation in String::retain CVE-2020-36317 Tenabl...
Linux Distros Unpatched Vulnerability : CVE-2020-36317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provid...
RHEL 7 : rust-toolset-1.49 and rust-toolset-1.49-rust update (Low) (RHSA-2021:2243)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2243 advisory. Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, an...
Low: Red Hat Security Advisory: rust-toolset-1.49 and rust-toolset-1.49-rust update
New rust-toolset-1.49 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle Linux 8 : rust-toolset:ol8 (ELSA-2021-1935)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1935 advisory. rust 1.49.0-1 - Update to 1.49.0. 1.48.0-1 - Update to 1.48.0. rust-toolset 1.49.0-1 - Update to Rust and Cargo 1.49.0. 1.48.0-1 - Update to Rust and...
RHEL 8 : rust-toolset:rhel8 (RHSA-2021:1935)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1935 advisory. Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages ha...
Low: Red Hat Security Advisory: rust-toolset:rhel8 security, bug fix, and enhancement update
An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Low: rust-toolset:rhel8 security, bug fix, and enhancement update
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages have been upgraded to a later upstream version: rust 1.49.0. BZ1896712 Security Fixes: rust: use-after-free or double free in VecDeque::makecontiguous...
RLSA-2021:1935 Low: rust-toolset:rhel8 security, bug fix, and enhancement update
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages have been upgraded to a later upstream version: rust 1.49.0. BZ1896712 Security Fixes: rust: use-after-free or double free in VecDeque::makecontiguous...
rust-toolset:rhel8 security, bug fix, and enhancement update
An update is available for rust-toolset, rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rust is a systems programming language that runs blazingly fast,...
CVE-2020-36317 affecting package rust 1.47.0-3
CVE-2020-36317 affecting package rust 1.47.0-3. A patched version of the package is available...
CVE-2020-36317
The CVE-2020-36317 issue affects the Rust standard library prior to 1.49.0, where String::retain() can panic and allow creation of a non-UTF-8 Rust string. This may cause a memory-safety violation when other APIs assume UTF-8 on the same string. Several connected advisories confirm Rust 1.49.0 or...
CVE-2020-36317
In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...