Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

openSUSE: 2022:0843-1 Moderate: Race Condition in Rust 1.58, 1.59

opensuse
Calendar Grey March 15, 2022
Dist Opensuse Esm H88
A recent patch for openSUSE fixes a race condition found in rust versions 1.58 and 1.59. It's recommended to verify your system's security and apply updates quickly
An update that fixes one vulnerability is now available

Description

This update for rust, rust1.58, rust1.59 fixes the following issues:

This update provides both rust1.58 and rust1.59.

Changes in rust1.58:

- Add recommends for GCC for installs to be able to link.

- Add suggests for lld/clang which are faster than gcc for linking to

allow users choice on what they use.

- CVE-2022-21658: Resolve race condition in std::fs::remove_dir_all

(bsc#1194767)

Version 1.58.0 (2022-01-13) =========================

Language

--------

- [Format strings can now capture arguments simply by writing `{ident}` in

the string.][90473] This works in all macros accepting format strings.

Support for this in `panic!` (`panic!("{ident}")`) requires the 2021

edition; panic invocations in previous editions that appear to be trying

to use this will result in a warning lint about not having the intended

effect.

- [`*const T` pointers can now be dereferenced in const contexts.][89551]

- [The rules for when a...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security update software patch race condition openSUSE rust

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-SLE-15.4-2022-843=1

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2022-843=1

Package List

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

cargo-1.59.0-150300.21.20.1

rust-1.59.0-150300.21.20.1

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

cargo-1.59.0-150300.21.20.1

cargo1.58-1.58.0-150300.7.3.1

cargo1.58-debuginfo-1.58.0-150300.7.3.1

cargo1.59-1.59.0-150300.7.4.2

cargo1.59-debuginfo-1.59.0-150300.7.4.2

rust-1.59.0-150300.21.20.1

rust1.58-1.58.0-150300.7.3.1

rust1.58-debuginfo-1.58.0-150300.7.3.1

rust1.59-1.59.0-150300.7.4.2

rust1.59-debuginfo-1.59.0-150300.7.4.2

References

https://www.suse.com/security/cve/CVE-2022-21658.html

https://bugzilla.suse.com/1194767

Announcement ID: openSUSE-SU-2022:0843-1
Rating: moderate
Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 .

Topics%20covered

Topics Covered

security advisory moderate security update software patch race condition openSUSE rust

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here