Explore top 10 tips to secure your open-source projects now. Read More
×
Update to Rust 1.96.0: New Range* types Assert matching patterns Changes to WebAssembly targets Stabilized APIs. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-d7436d12ae 2026-06-11 01:08:40.189427+00:00 -------------------------------------------------------------------------------- Name : rust Product : Fedora 43 Version : 1.96.0 Release : 1.fc43 URL : https://www.rust-lang.org Summary : The Rust Programming Language Description : Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator. -------------------------------------------------------------------------------- Update Information: Update to Rust 1.96.0: New Range* types Assert matching patterns Changes to WebAssembly targets Stabilized APIs Cargo CVE-2026-5222 and CVE-2026-5223 for third-party registries. See the blog post and release notes for more details. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 1 2026 Josh Stone - 1.96.0-1 - Update to Rust 1.96.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458926 - rust-1.96.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458926 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d7436d12ae' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to Rust 1.96.0: New Range* types Assert matching patterns Changes to WebAssembly targets Stabilized APIs. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e251935c8f 2026-06-06 01:02:02.289310+00:00 -------------------------------------------------------------------------------- Name : rust Product : Fedora 44 Version : 1.96.0 Release : 1.fc44 URL : https://www.rust-lang.org Summary : The Rust Programming Language Description : Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator. -------------------------------------------------------------------------------- Update Information: Update to Rust 1.96.0: New Range* types Assert matching patterns Changes to WebAssembly targets Stabilized APIs Cargo CVE-2026-5222 and CVE-2026-5223 for third-party registries. See the blog post and release notes for more details. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 1 2026 Josh Stone - 1.96.0-1 - Update to Rust 1.96.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458926 - rust-1.96.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458926 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e251935c8f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to Rust 1.96.0: New Range* types Assert matching patterns Changes to WebAssembly targets Stabilized APIs. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e251935c8f 2026-06-06 01:02:02.289310+00:00 -------------------------------------------------------------------------------- Name : rust Product : Fedora 44 Version : 1.96.0 Release : 1.fc44 URL : https://www.rust-lang.org Summary : The Rust Programming Language Description : Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator. -------------------------------------------------------------------------------- Update Information: Update to Rust 1.96.0: New Range* types Assert matching patterns Changes to WebAssembly targets Stabilized APIs Cargo CVE-2026-5222 and CVE-2026-5223 for third-party registries. See the blog post and release notes for more details. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 1 2026 Josh Stone - 1.96.0-1 - Update to Rust 1.96.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458926 - rust-1.96.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458926 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e251935c8f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA- fp55-jw48-c537.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8d8aee6aaf 2026-05-18 01:23:32.591517+00:00 -------------------------------------------------------------------------------- Name : rust-astral-tokio-tar Product : Fedora 42 Version : 0.6.1 Release : 1.fc42 URL : https://crates.io/crates/astral-tokio-tar Summary : Rust implementation of an async TAR file reader and writer Description : A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA- fp55-jw48-c537. -------------------------------------------------------------------------------- ChangeLog: * Tue May 5 2026 Benjamin A. Beasley - 0.6.1-1 - Update to version 0.6.1 - Fixes GHSA-fp55-jw48-c537; fixes GHSA-xx64-wwv2-hcqq -------------------------------------------------------------------------------- References: [ 1 ] Bug #2466653 - python-uv-build-0.11.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2466653 [ 2 ] Bug #2466654 - uv-0.11.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2466654 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8d8aee6aaf' at the command line. For moreinformation, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA- fp55-jw48-c537.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7aacc8ea7d 2026-05-18 00:40:49.528970+00:00 -------------------------------------------------------------------------------- Name : rust-astral-tokio-tar Product : Fedora 44 Version : 0.6.1 Release : 1.fc44 URL : https://crates.io/crates/astral-tokio-tar Summary : Rust implementation of an async TAR file reader and writer Description : A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all at once. -------------------------------------------------------------------------------- Update Information: Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA- fp55-jw48-c537. -------------------------------------------------------------------------------- ChangeLog: * Tue May 5 2026 Benjamin A. Beasley - 0.6.1-1 - Update to version 0.6.1 - Fixes GHSA-fp55-jw48-c537; fixes GHSA-xx64-wwv2-hcqq -------------------------------------------------------------------------------- References: [ 1 ] Bug #2466653 - python-uv-build-0.11.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2466653 [ 2 ] Bug #2466654 - uv-0.11.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2466654 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7aacc8ea7d' at the command line. For moreinformation, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
An update that solves one vulnerability and has one fix can now be installed.. # Security update for rust1.94 Announcement ID: SUSE-SU-2026:21357-1 Release Date: 2026-04-20T14:46:54Z Rating: moderate References: * bsc#1259623 * bsc#1261876 Cross-References: * CVE-2026-31812 CVSS scores: * CVE-2026-31812 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31812 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31812 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for rust1.94 fixes the following issues: Changes in rust1.94: * Don't force gcc-15 on SLE-16 and higher (bsc#1261876) Update to rust1.94.1: * Release notes can be found externally: https://github.com/rust- lang/rust/releases/tag/1.94.1 * Avoid unwrapping varint decoding during parameters parsing (bsc#1259623 CVE-2026-31812). * Release notes can be found externally: https://github.com/rust- lang/rust/releases/tag/1.94.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-593=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-593=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * cargo1.94-debuginfo-1.94.1-160000.1.1 * rust1.94-debuginfo-1.94.1-160000.1.1 * cargo1.94-1.94.1-160000.1.1 * SUSE Linux Enterprise Server forSAP applications 16.0 (nosrc ppc64le x86_64) * rust1.94-1.94.1-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * cargo1.94-debuginfo-1.94.1-160000.1.1 * rust1.94-debuginfo-1.94.1-160000.1.1 * cargo1.94-1.94.1-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.94-1.94.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31812.html * https://bugzilla.suse.com/show_bug.cgi?id=1259623 * https://bugzilla.suse.com/show_bug.cgi?id=1261876 . This update resolves one issue in rust1.94 on SUSE Linux Enterprise Server 16.0. Immediate action is recommended.. SUSE Linux Enterprise Server,rust security update,security patch for rust. . LinuxSecurity.com Team
An update that solves one vulnerability and has 2 bug fixes can now be installed.. openSUSE security update: security update for rust1.94 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20569-1 Rating: moderate References: * bsc#1259623 * bsc#1261876 Cross-References: * CVE-2026-31812 CVSS scores: * CVE-2026-31812 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31812 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has 2 bug fixes can now be installed. Description: This update for rust1.94 fixes the following issues: Changes in rust1.94: - Don't force gcc-15 on SLE-16 and higher (bsc#1261876) Update to rust1.94.1: - Release notes can be found externally: https://github.com/rust-lang/rust/releases/tag/1.94.1 - Avoid unwrapping varint decoding during parameters parsing (bsc#1259623 CVE-2026-31812). - Release notes can be found externally: https://github.com/rust-lang/rust/releases/tag/1.94.0 Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-593=1 Package List: - openSUSE Leap 16.0: cargo1.94-1.94.1-160000.1.1 rust1.94-1.94.1-160000.1.1 rust1.94-src-1.94.1-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2026-31812.html . This openSUSE advisory details a moderate security update for rust1.94, addressing one vulnerability and including bug fixes.. openSUSE Rust Update, moderate security update, bug fixes, rust1.94 update. . LinuxSecurity.com Team
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for rust1.93 Announcement ID: SUSE-SU-2026:1415-1 Release Date: 2026-04-16T15:05:20Z Rating: moderate References: * bsc#1253321 * bsc#1259623 Cross-References: * CVE-2026-31812 CVSS scores: * CVE-2026-31812 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31812 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31812 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Development Tools Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for rust1.93 fixes the following issues: Security issue: * CVE-2026-31812: denial of service via crafted QUIC initial packet (bsc#1259623). Non security issue: * Resolve missing gcc requirement that may affect some crate buildin (bsc#1253321). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-1415=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-1415=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1415=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * cargo1.93-1.93.0-150300.7.6.1 * rust1.93-debuginfo-1.93.0-150300.7.6.1 *cargo1.93-debuginfo-1.93.0-150300.7.6.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 nosrc) * rust1.93-1.93.0-150300.7.6.1 * openSUSE Leap 15.3 (noarch) * rust1.93-src-1.93.0-150300.7.6.1 * openSUSE Leap 15.3 (nosrc) * rust1.93-test-1.93.0-150300.7.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cargo1.93-1.93.0-150300.7.6.1 * rust1.93-debuginfo-1.93.0-150300.7.6.1 * cargo1.93-debuginfo-1.93.0-150300.7.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.93-1.93.0-150300.7.6.1 * openSUSE Leap 15.6 (noarch) * rust1.93-src-1.93.0-150300.7.6.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cargo1.93-1.93.0-150300.7.6.1 * rust1.93-debuginfo-1.93.0-150300.7.6.1 * cargo1.93-debuginfo-1.93.0-150300.7.6.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.93-1.93.0-150300.7.6.1 * Development Tools Module 15-SP7 (noarch) * rust1.93-src-1.93.0-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31812.html * https://bugzilla.suse.com/show_bug.cgi?id=1253321 * https://bugzilla.suse.com/show_bug.cgi?id=1259623 . Installing the latest security update for rust1.93 addresses denial of service vulnerabilities in openSUSE.. rust security update, openSUSE advisory, denial of service rust. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.