bug#47544: rust-slice-deque is vulnerable to CVE-2021-29938

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47544: rust-slice-deque is vulnerable to CVE-2021-29938

From:	Léo Le Bouter
Subject:	bug#47544: rust-slice-deque is vulnerable to CVE-2021-29938
Date:	Thu, 01 Apr 2021 16:08:47 +0200
User-agent:	Evolution 3.34.2

CVE-2021-29938  07:15
An issue was discovered in the slice-deque crate through 2021-02-19 for
Rust. A double drop can occur in SliceDeque::drain_filter upon a panic
in a predicate function.

Upstream PR: https://github.com/gnzlbg/slice_deque/pull/91

I suggest we wait for merge then update our package.

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

bug#47544: rust-slice-deque is vulnerable to CVE-2021-29938, Léo Le Bouter <=

Prev by Date: bug#47543: “Repeated allocation of very large block” during ‘guix pull’
Next by Date: bug#47451: Guix pull building lz4-1.9.3 fails
Previous by thread: bug#47543: “Repeated allocation of very large block” during ‘guix pull’
Next by thread: bug#47451: Guix pull building lz4-1.9.3 fails
Index(es):
- Date
- Thread