SUSE advisory OPENSUSE-SU-2022:0843-1
Mar 15, 2022 - 12:00 a.m.

Security update for rust, rust1.58, rust1.59 (moderate)

lists.opensuse.org

CVSS3: 6.3 Medium (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H)

  • Attack Vector: LOCAL
  • Attack Complexity: HIGH
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS2: 3.3 Low (AV:L/AC:M/Au:N/C:N/I:P/A:P)

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL

An update that fixes one vulnerability is now available.

Description:

This update for rust, rust1.58, rust1.59 fixes the following issues:

This update provides both rust1.58 and rust1.59.

Changes in rust1.58:

  • Add recommends for GCC for installs to be able to link.
  • Add suggests for lld/clang which are faster than gcc for linking to
    allow users choice on what they use.
  • CVE-2022-21658: Resolve race condition in std::fs::remove_dir_all
    (bsc#1194767)

Version 1.58.0 (2022-01-13)
==========================

Language

  • [Format strings can now capture arguments simply by writing {ident} in
    the string.][90473] This works in all macros accepting format strings.
    Support for this in panic! (panic!("{ident}")) requires the 2021
    edition; panic invocations in previous editions that appear to be trying
    to use this will result in a warning lint about not having the intended
    effect.
  • [*const T pointers can now be dereferenced in const contexts.][89551]
  • [The rules for when a generic struct implements Unsize have been
    relaxed.][90417]

Compiler

  • [Add LLVM CFI support to the Rust compiler][89652]
  • [Stabilize -Z strip as -C strip][90058]. Note that while release builds
    already don’t add debug symbols for the code you compile, the compiled
    standard library that ships with Rust includes debug symbols, so you may
    want to use the strip option to remove these symbols to produce
    smaller release binaries. Note that this release only includes support
    in rustc, not directly in cargo.
  • [Add support for LLVM coverage mapping format versions 5 and 6][91207]
  • [Emit LLVM optimization remarks when enabled with -Cremark][90833]
  • [Update the minimum external LLVM to 12][90175]
  • [Add x86_64-unknown-none at Tier 3*][89062]
  • [Build musl dist artifacts with debuginfo enabled][90733]. When building
    release binaries using musl, you may want to use the newly stabilized
    strip option to remove these debug symbols, reducing the size of your
    binaries.
  • [Don’t abort compilation after giving a lint error][87337]
  • [Error messages point at the source of trait bound obligations in more
    places][89580]

* Refer to Rust’s [platform support page][platform-support-doc] for more
information on Rust’s tiered platform support.

Libraries

  • [All remaining functions in the standard library have #[must_use]
    annotations where appropriate][89692], producing a warning when ignoring
    their return value. This helps catch mistakes such as expecting a
    function to mutate a value in place rather than return a new value.
  • [Paths are automatically canonicalized on Windows for operations that
    support it][89174]
  • [Re-enable debug checks for copy and copy_nonoverlapping][90041]
  • [Implement RefUnwindSafe for Rc<T>][87467]
  • [Make RSplit<T, P>: Clone not require T: Clone][90117]
  • [Implement Termination for Result<Infallible, E>][88601]. This
    allows writing fn main() -> Result<Infallible, ErrorType>, for a
    program whose successful exits never involve returning from main (for
    instance, a program that calls exit, or that uses exec to run
    another program).

Stabilized APIs

  • [Metadata::is_symlink]
  • [Path::is_symlink]
  • [{integer}::saturating_div]
  • [Option::unwrap_unchecked]
  • [Result::unwrap_unchecked]
  • [Result::unwrap_err_unchecked]
  • [NonZero{unsigned}::is_power_of_two]
  • [File::options]

These APIs are now usable in const contexts:

  • [Duration::new]
  • [Duration::checked_add]
  • [Duration::saturating_add]
  • [Duration::checked_sub]
  • [Duration::saturating_sub]
  • [Duration::checked_mul]
  • [Duration::saturating_mul]
  • [Duration::checked_div]
  • [MaybeUninit::as_ptr]
  • [MaybeUninit::as_mut_ptr]
  • [MaybeUninit::assume_init]
  • [MaybeUninit::assume_init_ref]

Cargo

  • [Add --message-format for install command][cargo/10107]
  • [Warn when alias shadows external subcommand][cargo/10082]

Rustdoc

  • [Show all Deref implementations recursively in rustdoc][90183]
  • [Use computed visibility in rustdoc][88447]

Compatibility Notes

  • [Try all stable method candidates first before trying unstable
    ones][90329]. This change ensures that adding new nightly-only methods
    to the Rust standard library will not break code invoking methods of the
    same name from traits outside the standard library.
  • Windows: [std::process::Command will no longer search the current
    directory for executables.][87704]
  • [All proc-macro backward-compatibility lints are now
    deny-by-default.][88041]
  • [proc_macro: Append .0 to unsuffixed float if it would otherwise become
    int token][90297]
  • [Refactor weak symbols in std::sys::unix][90846]. This optimizes
    accesses to glibc functions, by avoiding the use of dlopen. This does
    not increase the minimum expected version of glibc. However, software
    distributions that use symbol versions to detect library dependencies,
    and which take weak symbols into account in that analysis, may detect
    rust binaries as requiring newer versions of glibc.
  • [rustdoc now rejects some unexpected semicolons in doctests][91026]

Version 1.59.0 (2022-02-24)
==========================

Language

  • [Stabilize default arguments for const generics][90207]
  • [Stabilize destructuring assignment][90521]
  • [Relax private in public lint on generic bounds and where clauses of
    trait impls][90586]
  • [Stabilize asm! and global_asm! for x86, x86_64, ARM, Aarch64, and
    RISC-V][91728]

Compiler

  • [Stabilize new symbol mangling format, leaving it opt-in
    (-Csymbol-mangling-version=v0)][90128]
  • [Emit LLVM optimization remarks when enabled with -Cremark][90833]
  • [Fix sparc64 ABI for aggregates with floating point members][91003]
  • [Warn when a #[test]-like built-in attribute macro is present multiple
    times.][91172]
  • [Add support for riscv64gc-unknown-freebsd][91284]
  • [Stabilize -Z emit-future-incompat as --json future-incompat][91535]

Libraries

  • [Remove unnecessary bounds for some Hash{Map,Set} methods][91593]

Stabilized APIs

  • [std::thread::available_parallelism][available_parallelism]
  • [Result::copied][result-copied]
  • [Result::cloned][result-cloned]
  • [arch::asm!][asm]
  • [arch::global_asm!][global_asm]
  • [ops::ControlFlow::is_break][is_break]
  • [ops::ControlFlow::is_continue][is_continue]
  • [TryFrom<char> for u8][try_from_char_u8]
  • [char::TryFromCharError][try_from_char_err] implementing Clone,
    Debug, Display, PartialEq, Copy, Eq, Error
  • [iter::zip][zip]
  • [NonZeroU8::is_power_of_two][is_power_of_two8]
  • [NonZeroU16::is_power_of_two][is_power_of_two16]
  • [NonZeroU32::is_power_of_two][is_power_of_two32]
  • [NonZeroU64::is_power_of_two][is_power_of_two64]
  • [NonZeroU128::is_power_of_two][is_power_of_two128]
  • [DoubleEndedIterator for ToLowercase][lowercase]
  • [DoubleEndedIterator for ToUppercase][uppercase]
  • [TryFrom<&mut [T]> for [T; N]][tryfrom_ref_arr]
  • [UnwindSafe for Once][unwindsafe_once]
  • [RefUnwindSafe for Once][refunwindsafe_once]
  • [armv8 neon intrinsics for aarch64][stdarch/1266]

Const-stable:

  • [mem::MaybeUninit::as_ptr][muninit_ptr]
  • [mem::MaybeUninit::assume_init][muninit_init]
  • [mem::MaybeUninit::assume_init_ref][muninit_init_ref]
  • [ffi::CStr::from_bytes_with_nul_unchecked][cstr_from_bytes]

Cargo

  • [Stabilize the strip profile option][cargo/10088]
  • [Stabilize future-incompat-report][cargo/10165]
  • [Support abbreviating --release as -r][cargo/10133]
  • [Support term.quiet configuration][cargo/10152]
  • [Remove --host from cargo {publish,search,login}][cargo/10145]

Compatibility Notes

  • [Refactor weak symbols in std::sys::unix][90846] This may add new,
    versioned, symbols when building with a newer glibc, as the standard
    library uses weak linkage rather than dynamically attempting to load
    certain symbols at runtime.
  • [Deprecate crate_type and crate_name nested inside
    #![cfg_attr]][83744] This adds a future compatibility lint for the use
    of cfg_attr wrapping either a crate_type or crate_name specification
    within Rust files; it is recommended that users migrate to setting the
    equivalent command line flags.
  • [Remove effect of #[no_link] attribute on name resolution][92034] This
    may expose new names, leading to conflicts with preexisting names in a
    given namespace and a compilation failure.
  • [Cargo will document libraries before binaries.][cargo/10172]
  • [Respect doc=false in dependencies, not just the root crate][cargo/10201]
  • [Weaken guarantee around advancing underlying iterators in zip][83791]
  • [Make split_inclusive() on an empty slice yield an empty output][89825]
  • [Update std::env::temp_dir to use GetTempPath2 on Windows when
    available.][89999]

Changes in rust wrapper package:

  • Update to version 1.59.0 - for details see the rust1.59 package

  • Update package description to help users choose what tooling to install.

  • Provide rust+cargo by cargo: all cargo<n> packages provide this symbol
    too. Having the meta package provide it allows OBS to have a generic
    preference on the meta package for all packages ‘just’ requiring
    rust+cargo.

  • Update to version 1.58.0

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-843=1

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-843=1

OS             Version  Architecture  Filename
openSUSE Leap  15.4     aarch64       .aarch64.rpm
openSUSE Leap  15.4     ppc64le       .ppc64le.rpm
openSUSE Leap  15.4     s390x         .s390x.rpm
openSUSE Leap  15.4     x86_64        .x86_64.rpm
openSUSE Leap  15.3     aarch64       .aarch64.rpm
openSUSE Leap  15.3     ppc64le       .ppc64le.rpm
openSUSE Leap  15.3     s390x         .s390x.rpm
openSUSE Leap  15.3     x86_64        .x86_64.rpm
