--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2022-dc3bd1f656
2022-02-27 02:52:54.757108
--------------------------------------------------------------------------------
Name : rust
Product : Fedora EPEL 7
Version : 1.58.1
Release : 1.el7
URL :
https://www.rust-lang.org
Summary : The Rust Programming Language
Description :
Rust is a systems programming language that runs blazingly fast, prevents
segfaults, and guarantees thread safety.
This package includes the Rust compiler and documentation generator.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-21658, a TOCTOU race condition in
`std::fs::remove_dir_all`. Privileged programs should be rebuilt if they use
this function on paths that may be manipulated with lesser privileges. For more
details, see the upstream [security advisory](https://blog.rust-
lang.org/2022/01/20/cve-2022-21658.html). Additional features from 1.58.0: *
Captured identifiers in format strings * More `#[must_use]` in the standard
library * Stabilized APIs See the [blog post](https://blog.rust-
lang.org/2022/01/13/Rust-1.58.0.html) and [release
notes](https://github.com/rust-
lang/rust/blob/master/RELEASES.md#version-1580-2022-01-13) for more details.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2022 Josh Stone <jistone(a)redhat.com> - 1.58.1-1
- Update to 1.58.1.
* Thu Jan 13 2022 Josh Stone <jistone(a)redhat.com> - 1.58.0-1
- Update to 1.58.0.
* Wed Jan 5 2022 Josh Stone <jistone(a)redhat.com> - 1.57.0-2
- Add rust-std-static-i686-pc-windows-gnu
- Add rust-std-static-x86_64-pc-windows-gnu
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2041504 - CVE-2022-21658 rust: Race condition in remove_dir_all leading to
removal of files outside of the directory being removed
https://bugzilla.redhat.com/show_bug.cgi?id=2041504
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update rust' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------