Security update for himmelblau

This update for himmelblau fixes the following issues: CVE-2025-5791: Fixed using deprecated users crate bsc1244202 CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242648 Update to version 0.7.17+git.0.1ebdab0 Update sccache-action version to use new...

users crate for Rust 安全漏洞

users crate for Rust is an open source library for Rust by ogham. A security vulnerability exists in users crate for Rust that stems from mishandling of group lists, which could lead to elevated privileges...

acct (>=0.2.0 <=0.5.0), afterburn (>=4.1.0 <=4.3.2) +66 more potentially affected by CVE-2025-5791 via users (>=0.8.1 <=0.9.1)

users CARGO version =0.8.1, =0.2.0, =4.1.0, =1.0.0, =0.1.0, =0.1.0, =0.4.2, =0.4.0, =0.7.4, =0.0.1, =0.1.4, =0.4.4, =0.1.0, =0.1.1 and more Source cves: CVE-2025-5791 Source advisory: OSV:RUSTSEC-2025-0040...

PT-2025-23647 · Crates.Io · Users

Affected versions append root to group listings, unless the correct listing has exactly 1024 groups. This affects both: - The supplementary groups of a user - The group access list of the current process If the caller uses this information for access control, this may lead to privilege...

acct (>=0.2.0 <=0.5.0), acid-store (>=0.8.0 <=0.14.2) +279 more potentially affected by unknown CVE via users (>=0.10.0 <=0.9.1)

users CARGO version =0.10.0, =0.2.0, =0.8.0, =0.4.0, =4.1.0, =0.1.0, =1.0.0, =0.1.0, =0.9.0, =0.9.0, =0.1.0, =0.6.2, =0.9.0, =0.2.4, =0.1.0, =0.4.51 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0059...

PT-2023-36091 · Users · Users

Name of the Vulnerable Software and Affected Versions: users affected versions not specified Description: The issue concerns the users crate, which has not been updated since 2020-10-08, and its developer appears to be inactive. Recommendations: At the moment, there is no information about a newe...