[SECURITY] Fedora 42 Update: rust-sequoia-git-0.6.0-1.fc42

A tool for managing and enforcing a commit signing policy...

[SECURITY] Fedora 43 Update: rust-sequoia-git-0.6.0-1.fc43

A tool for managing and enforcing a commit signing policy...

RUSTSEC-2026-0127 Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption

In array::ReadWrite::new line 83 of accessor/src/array.rs, let bytes = mem::sizeof:: len can overflow usize when len is very large. In release mode, this silently wraps, potentially making bytes = 0. The mapper then maps with 0 bytes, and subsequent accesses e.g. readvolatileat lead to undefined...

RUSTSEC-2026-0132 Potential out-of-bounds write via public `Context` fields

The Context struct has all fields public pub dlen, pub digest, etc.. Code from other modules within the same crate can directly modify dlen to a value exceeding the digest vector length. When reset is subsequently called, self.digestself.dlen as usize = 0 becomes an out-of-bounds write. Withdrawa...

Invalid pointer arithmetic in `iter()` and `iter_mut()`

The iter and itermut APIs compute current = &children0 as const const RawAutoChild.sub1, which performs pointer subtraction going before the start of the allocation. This is undefined behavior per Rust's pointer arithmetic rules. This can be triggered through safe public APIs — iter and itermut —...

Null-pointer dereference and double-free via safe APIs

Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::fromrawself.data on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...

[SECURITY] Fedora 44 Update: rust-openssl-sys-0.9.114-1.fc44

FFI bindings to OpenSSL...

[SECURITY] Fedora 44 Update: rust-openssl-0.10.78-1.fc44

OpenSSL bindings...

[SECURITY] Fedora 42 Update: rust-openssl-sys-0.9.114-1.fc42

FFI bindings to OpenSSL...

[SECURITY] Fedora 42 Update: rust-openssl-0.10.78-1.fc42

OpenSSL bindings...

[SECURITY] Fedora 43 Update: rust-openssl-0.10.78-1.fc43

OpenSSL bindings...

[SECURITY] Fedora 43 Update: rust-openssl-sys-0.9.114-1.fc43

FFI bindings to OpenSSL...

Fedora 42 : rust-openssl / rust-openssl-sys (2026-76f57efeef)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-76f57efeef advisory. Update the openssl crate to version 0.10.78 and the openssl-sys crate to version 0.9.114. Release notes: - openssl 0.10.77 / openssl-sys 0.9.113:...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: rust-rpm-sequoia: rpm-sequoia-1.10.1.1-1.2.hum1 aarch64, x8664 rpm-sequoia-devel-1.10.1.1-1.2.hum1 aarch64, x8664 rust-rpm-sequoia-1.10.1.1-1.2.hum1.src src Security Fixes: rust-rpm-sequoia:...

[SECURITY] Fedora 44 Update: rust-rustls-webpki-0.103.13-1.fc44

Web PKI X.509 Certificate Verification...

[SECURITY] Fedora 43 Update: rust-rustls-webpki-0.103.13-1.fc43

Web PKI X.509 Certificate Verification...

[SECURITY] Fedora 42 Update: rust-rustls-webpki-0.103.13-1.fc42

Web PKI X.509 Certificate Verification...

Fedora 44 : rust-rustls-webpki (2026-8f36b2341e)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8f36b2341e advisory. Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104. ---- Update to version 0.103.10. Addresses RUSTSEC-2026-0049...

Exploit for CVE-2026-31431

copyfail-rs A Rust implementation of the Copy Fail exploi...

armature-diesel (=0.1.0), authzen-diesel (=0.1.0-alpha.0) +13 more potentially affected by unknown CVE via diesel-async (>=0.1.1 <=0.5.2)

diesel-async CARGO version =0.1.1, =0.1.0, =0.17.0, =0.17.0, =0.17.0, =0.11.0, =0.0.1, =0.1.0, =0.2.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0138...