SVG nanosvg Library Memory Corruption / Denial Of Service

The SVG library nanosvg 0 suffers from a memory corruption bug that can lead to at least DoS. The bug exists in the nsvgparseColorRGB function, which can be reached by parsing a malicious SVG file through nsvgParseFromFile or nsvgParse. This should also affect libraries/packages that provide...

SUSE-RU-2019:0386-1 Security update for rust

Rust was updated to version 1.31.1...

Fedora 28 : rust (2018-0071ad34f4)

Security fix for buffer overflow in str::repeat Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 29 : rust (2018-63fd68397e)

Security fix for buffer overflow in str::repeat Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

SUSE SLED15 / SLES15 Security Update : rust (SUSE-SU-2018:3357-1)

This update for rust fixes the following issues : CVE-2018-1000622: rustdoc loads plugins from world-writable directory allowing for arbitrary code execution This patch consists of requiring --plugin-path to be passed whenever --plugin is passed Note that rustdoc plugins will be removed entirely ...

GLSA-201812-11 : Rust: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201812-11 Rust: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact : A remote attacker able to control the value passed to Rusts...

Rust: Multiple vulnerabilities

Background A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Description Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details. Impact A remote attacker able to control the val...

RUSTSEC-2018-0011 Enum repr causing potential memory corruption

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

Enum repr causing potential memory corruption

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

HPGO (=0.9.2), IMAPServer (=0.1.0) +2576 more potentially affected by unknown CVE via term (>=0.1.13 <=0.6.1)

term CARGO version =0.1.13, =0.1.0, =0.4.1, =0.2.1, =0.0.1, =0.2.1, =0.1.4, =2.1.0, =0.6.0, =0.19.0 - adivon =0.2.6 - admiral =0.1.0 - admiral-derive =0.1.0 - admiral-types =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2018-0015...

Moderate: Red Hat Enhancement Advisory: new packages: rust-toolset-1.29

New rust-toolset-1.29 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. This enhancement...

openSUSE Security Update : rust (openSUSE-2018-1279)

This update for rust fixes the following issues : - CVE-2018-1000622: rustdoc loads plugins from world-writable directory allowing for arbitrary code execution This patch consists of requiring --plugin-path to be passed whenever --plugin is passed Note that rustdoc plugins will be removed entirel...

openSUSE: Security Advisory for rust (openSUSE-SU-2018:3451-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for rust (moderate)

This update for rust fixes the following issues: - CVE-2018-1000622: rustdoc loads plugins from world writable directory allowing for arbitrary code execution This patch consists of requiring --plugin-path to be passed whenever --plugin is passed Note that rustdoc plugins will be removed entirely...

SUSE-SU-2018:3357-1 Security update for rust

This update for rust fixes the following issues: - CVE-2018-1000622: rustdoc loads plugins from world writable directory allowing for arbitrary code execution This patch consists of requiring --plugin-path to be passed whenever --plugin is passed Note that rustdoc plugins will be removed entirely...

Updated rust packages fix security vulnerability

Updated rust packages fix security vulnerability The Rust Programming Language Standard Library before version 1.29.1 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in the standard library that can result in buffer overflow. This attack appear to be exploitable via...

MGASA-2018-0407 Updated rust packages fix security vulnerability

Updated rust packages fix security vulnerability The Rust Programming Language Standard Library before version 1.29.1 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in the standard library that can result in buffer overflow. This attack appear to be exploitable via...

Fedora 27 : rust (2018-69cce46328)

Security fix for buffer overflow in str::repeat Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

DEBIAN-CVE-2018-1000810

The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat,...

CVE-2018-1000810

The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat,...