Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in rust
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in rust
ID: FEDORA-2018-f38d1cb219
Distribution: Fedora
Plattformen: Fedora 27
Datum: Fr, 20. Juli 2018, 23:49
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000622
Applikationen: Rust

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-f38d1cb219
2018-07-20 16:57:33.327680
-------------------------------------------------------------------------------
-

Name : rust
Product : Fedora 27
Version : 1.27.1
Release : 2.fc27
URL : https://www.rust-lang.org
Summary : The Rust Programming Language
Description :
Rust is a systems programming language that runs blazingly fast, prevents
segfaults, and guarantees thread safety.

This package includes the Rust compiler and documentation generator.

-------------------------------------------------------------------------------
-
Update Information:

Update to 1.27.1. Security fix for CVE-2018-1000622
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Jul 10 2018 Josh Stone <jistone@redhat.com> - 1.27.1-2
- Update to 1.27.1.
* Thu Jun 21 2018 Josh Stone <jistone@redhat.com> - 1.27.0-1
- Update to 1.27.0.
* Wed Jun 6 2018 Josh Stone <jistone@redhat.com> - 1.26.2-3
- Update to 1.26.2.
* Tue May 29 2018 Josh Stone <jistone@redhat.com> - 1.26.1-2
- Update to 1.26.1.
* Thu May 10 2018 Josh Stone <jistone@redhat.com> - 1.26.0-1
- Update to 1.26.0.
* Mon Apr 16 2018 Dan Callaghan <dcallagh@redhat.com> - 1.25.0-3
- Add cargo, rls, and analysis
* Tue Apr 10 2018 Josh Stone <jistone@redhat.com> - 1.25.0-2
- Filter codegen-backends from Provides too.
* Thu Mar 29 2018 Josh Stone <jistone@redhat.com> - 1.25.0-1
- Update to 1.25.0.
* Thu Mar 1 2018 Josh Stone <jistone@redhat.com> - 1.24.1-1
- Update to 1.24.1.
* Wed Feb 21 2018 Josh Stone <jistone@redhat.com> - 1.24.0-3
- Backport a rebuild fix for rust#48308.
* Mon Feb 19 2018 Josh Stone <jistone@redhat.com> - 1.24.0-2
- rhbz1546541: drop full-bootstrap; cmp libs before symlinking.
- Backport pr46592 to fix local_rebuild bootstrapping.
- Backport pr48362 to fix relative/absolute libdir.
* Thu Feb 15 2018 Josh Stone <jistone@redhat.com> - 1.24.0-1
- Update to 1.24.0.
* Mon Feb 12 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1.23.0-4
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Tue Feb 6 2018 Josh Stone <jistone@redhat.com> - 1.23.0-3
- Use full-bootstrap to work around a rebuild issue.
- Patch binaryen for GCC 8
* Thu Feb 1 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> -
1.23.0-2
- Switch to %ldconfig_scriptlets
* Mon Jan 8 2018 Josh Stone <jistone@redhat.com> - 1.23.0-1
- Update to 1.23.0.
* Thu Nov 23 2017 Josh Stone <jistone@redhat.com> - 1.22.1-1
- Update to 1.22.1.
* Thu Oct 12 2017 Josh Stone <jistone@redhat.com> - 1.21.0-1
- Update to 1.21.0.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1597063 - CVE-2018-1000622 rust: rustdoc loads plugins from world
writable directory allowing for arbitrary code execution
https://bugzilla.redhat.com/show_bug.cgi?id=1597063
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-f38d1cb219' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XGNTTNAB73JZ2E33GMUOKINHAZ3KSSVJ/
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung