Explore top 10 tips to secure your open-source projects now. Read More
×
This update for rust fixes the following issues: - CVE-2018-1000622: rustdoc loads plugins from world writable directory allowing for arbitrary code execution This patch consists of requiring `--plugin-path` to be passed whenever `--plugin` is passed Note that rustdoc plugins will be removed entirely on 1.28.0 (bsc#1100691). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2403=1 Package List: - SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64): rust-1.24.1-3.6.1
#1100691
Cross- CVE-2018-1000622
Affected Products:
SUSE Linux Enterprise Module for Development Tools 15
https://www.suse.com/security/cve/CVE-2018-1000622.html
https://bugzilla.suse.com/1100691
Get the latest Linux and open source security news straight to your inbox.