openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2083)

This update for java-180-openjdk fixes the following issues : - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: A...

RUSTSEC-2020-0142 Send bound needed on T (for Send impl of `Bucket2`)

Affected versions of this crate unconditionally implements Send for Bucket2. This allows sending non-Send types to other threads. This can lead to data races when non Send types like Cell or Rc are contained inside Bucket2 and sent across thread boundaries. The data races can potentially lead to...

Send bound needed on T (for Send impl of `Bucket2`)

Affected versions of this crate unconditionally implements Send for Bucket2. This allows sending non-Send types to other threads. This can lead to data races when non Send types like Cell or Rc are contained inside Bucket2 and sent across thread boundaries. The data races can potentially lead to...

CVE

This is a collection of HTML files from a blog about reverse engineering and security. The files are dated from August 2019 to September 2019 and appear to be written in Chinese. The content includes various topics such as: Creating and finding SEH Structured Exception Handler in Windows Input...

CVE-2020-26235

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...

CVE-2020-26235

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...

CVE-2020-26235

CVE-2020-26235 affects the Rust time crate: versions 0.2.7 through before 0.2.23 can segfault on unix-like OSes when an environment variable is set from another thread, due to a dangling pointer dereference. Affected functions include time::UtcOffset::local_offset_at, try_local_offset_at, current...

CVE-2020-26235

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...

CVE-2020-26235 Segmentation fault in Rust time crate

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...

Rust time crate code issue vulnerability

Rust is a general-purpose, compiled programming language. A security vulnerability exists in Rust time crate versions 0.2.7 through 0.2.23, which stems from the possibility that the unix operating system may experience a segmentation fault due to the dereferencing of a dangling pointer in a...

CVE-2020-26235

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...

RUSTSEC-2020-0071 Potential segfault in the time crate

Impact The affected functions set environment variables without synchronization. On Unix-like operating systems, this can crash in multithreaded programs. Programs may segfault due to dereferencing a dangling pointer if an environment variable is read in a different thread than the affected...

RUSTSEC-2020-0135 Slock<T> allows sending non-Send types across thread boundaries

Slock unconditionally implements Send/Sync. Affected versions of this crate allows sending non-Send types to other threads, which can lead to data races and memory corruption due to the data race...

Slock<T> allows sending non-Send types across thread boundaries

Slock unconditionally implements Send/Sync. Affected versions of this crate allows sending non-Send types to other threads, which can lead to data races and memory corruption due to the data race...

RUSTSEC-2020-0136 CopyCell lacks bounds on its Send trait allowing for data races

CopyCell is a Cell-like type that is implemented for any type T that is Copyable. It's Send trait has no bounds on the contained type. As not all Copyable types are thread safe, for example non-mutable references implement the Copy trait, it is possible to send references to types with interior...

CopyCell lacks bounds on its Send trait allowing for data races

CopyCell is a Cell-like type that is implemented for any type T that is Copyable. It's Send trait has no bounds on the contained type. As not all Copyable types are thread safe, for example non-mutable references implement the Copy trait, it is possible to send references to types with interior...

Send/Sync bound needed on T for Send/Sync impl of RcuCell<T>

Affected versions of this crate unconditionally implement Send/Sync for RcuCell. This allows users to send T: !Send to other threads while T enclosed within RcuCell, and allows users to concurrently access T: !Sync by using the APIs of RcuCell that provide access to &T. This can result in memory...

RUSTSEC-2020-0159 Potential segfault in `localtime_r` invocations

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library...

RUSTSEC-2020-0121 AtomicBox<T> implements Send/Sync for any `T: Sized`

Affected versions of this crate implements Send/Sync for AtomicBox without requiring T: Send/T: Sync. This allows to create data races to T: !Sync and send T: !Send to another thread. Such behavior breaks the compile-time thread safety guarantees of Rust, and allows users to incur undefined...

RUSTSEC-2020-0120 `Decoder<R>` can carry `R: !Send` to other threads

Affected versions of this crate implements Send for Decoder for any R: Read. This allows Decoder to contain R: !Send and carry move it to another thread. This can result in undefined behavior such as memory corruption from data race on R, or dropping R = MutexGuard from a thread that didn't lock...