Rocky Linux: RLSA-2023:4634 rust security update
Summary
An update is available for rust. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fix(es): * rust-cargo: cargo does not respect the umask when extracting dependencies (CVE-2023-38497) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
cargo-0:1.66.1-2.el9_2.aarch64.rpm
cargo-0:1.66.1-2.el9_2.ppc64le.rpm
cargo-0:1.66.1-2.el9_2.s390x.rpm
cargo-0:1.66.1-2.el9_2.x86_64.rpm
cargo-debuginfo-0:1.66.1-2.el9_2.aarch64.rpm
cargo-debuginfo-0:1.66.1-2.el9_2.ppc64le.rpm
cargo-debuginfo-0:1.66.1-2.el9_2.s390x.rpm
cargo-debuginfo-0:1.66.1-2.el9_2.x86_64.rpm
clippy-0:1.66.1-2.el9_2.aarch64.rpm
clippy-0:1.66.1-2.el9_2.ppc64le.rpm
clippy-0:1.66.1-2.el9_2.s390x.rpm
clippy-0:1.66.1-2.el9_2.x86_64.rpm
clippy-debuginfo-0:1.66.1-2.el9_2.aarch64.rpm
clippy-debuginfo-0:1.66.1-2.el9_2.ppc64le.rpm
clippy-debuginfo-0:1.66.1-2.el9_2.s390x.rpm
clippy-debuginfo-0:1.66.1-2.el9_2.x86_64.rpm
rust-0:1.66.1-2.el9_2.aarch64.rpm
rust-0:1.66.1-2.el9_2.ppc64le.rpm
rust-0:1.66.1-2.el9_2.s390x.rpm
rust-0:1.66.1-2.el9_2.src.rpm
rust-0:1.66.1-2.el9_2.x86_64.rpm
rust-analysis-0:1.66.1-2.el9_2.aarch64.rpm
rust-analysis-0:1.66.1-2.el9_2.ppc64le.rpm
rust-analysis-0:1.66.1-2.el9_2.s390x.rpm
rust-analysis-0:1.66.1-2.el9_2.x86_64.rpm
rust-analyzer-0:1.66.1-2.el9_2.aarch64.rpm
rust-analyzer-0:1.66.1-2.el9_2.ppc64le.rpm
rust-analyzer-0:1.66.1-2.el9_2.s390x.rpm
rust-analyzer-0:1.66.1-2.el9_2.x86_64.rpm
rust-analyzer-debuginfo-0:1.66.1-2.el9_2.aarch64.rpm
rust-analyzer-debuginfo-0:1.66.1-2.el9_2.ppc64le.rpm
rust-analyzer-debuginfo-0:1.66.1-2.el9_2.s390x.rpm
rust-analyzer-debuginfo-0:1.66.1-2.el9_2.x86_64.rpm
rust-debugger-common-0:1.66.1-2.el9_2.noarch.rpm
rust-debuginfo-0:1.66.1-2.el9_2.aarch64.rpm
rust-debuginfo-0:1.66.1-2.el9_2.ppc64le.rpm
rust-debuginfo-0:1.66.1-2.el9_2.s390x.rpm
rust-debuginfo-0:1.66.1-2.el9_2.x86_64.rpm
rust-debugsource-0:1.66.1-2.el9_2.aarch64.rpm
rust-debugsource-0:1.66.1-2.el9_2.ppc64le.rpm
rust-debugsource-0:1.66.1-2.el9_2.s390x.rpm
rust-debugsource-0:1.66.1-2.el9_2.x86_64.rpm
rust-doc-0:1.66.1-2.el9_2.aarch64.rpm
rust-doc-0:1.66.1-2.el9_2.ppc64le.rpm
rust-doc-0:1.66.1-2.el9_2.s390x.rpm
rust-doc-0:1.66.1-2.el9_2.x86_64.rpm
rustfmt-0:1.66.1-2.el9_2.aarch64.rpm
rustfmt-0:1.66.1-2.el9_2.ppc64le.rpm
rustfmt-0:1.66.1-2.el9_2.s390x.rpm
rustfmt-0:1.66.1-2.el9_2.x86_64.rpm
rustfmt-debuginfo-0:1.66.1-2.el9_2.aarch64.rpm
rustfmt-debuginfo-0:1.66.1-2.el9_2.ppc64le.rpm
rustfmt-debuginfo-0:1.66.1-2.el9_2.s390x.rpm
rustfmt-debuginfo-0:1.66.1-2.el9_2.x86_64.rpm
rust-gdb-0:1.66.1-2.el9_2.noarch.rpm
rust-lldb-0:1.66.1-2.el9_2.noarch.rpm
rust-src-0:1.66.1-2.el9_2.noarch.rpm
rust-std-static-0:1.66.1-2.el9_2.aarch64.rpm
rust-std-static-0:1.66.1-2.el9_2.i686.rpm
rust-std-static-0:1.66.1-2.el9_2.ppc64le.rpm
rust-std-static-0:1.66.1-2.el9_2.s390x.rpm
rust-std-static-0:1.66.1-2.el9_2.x86_64.rpm
rust-std-static-wasm32-unknown-unknown-0:1.66.1-2.el9_2.noarch.rpm
rust-std-static-wasm32-wasi-0:1.66.1-2.el9_2.noarch.rpm
rust-toolset-0:1.66.1-2.el9_2.aarch64.rpm
rust-toolset-0:1.66.1-2.el9_2.ppc64le.rpm
rust-toolset-0:1.66.1-2.el9_2.s390x.rpm
rust-toolset-0:1.66.1-2.el9_2.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38497
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2228038