GNU bug report logs - #53461
[kiasoc5@tutanota.com: Rust CVE]

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Sun, 23 Jan 2022 00:31:02 UTC

Severity: normal

Tags: patch

Merged with 54439, 56684

Done: Marius Bakke <marius <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: 53461 <at> debbugs.gnu.org
Subject: [bug#53461] [kiasoc5 <at> tutanota.com: Rust CVE]
Date: Sun, 23 Jan 2022 14:28:50 -0500

On Sat, Jan 22, 2022 at 10:33:52PM -0500, Maxim Cournoyer wrote:
> The rust-1.57 variable should probably be made private or hidden now.
> 
> Also, unless we rebuild all crates with rust-1.58, it seems to me like
> we won't be addressing the problem, as the CVE touches the
> 'remove_dir_all' procedure part of the standard library of Rust (and we
> all know Rust likes to build things statically).
> 
> Am I missing something?

I don't know about Rust things! I just forwarded this message from the
private list to the public list.

This bug report was last modified 2 years and 343 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #53461 [kiasoc5@tutanota.com: Rust CVE]

GNU bug report logs - #53461
[kiasoc5@tutanota.com: Rust CVE]