Rust: Multiple Vulnerabilities

Rust: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service. rust,rust-bin 2022-10-16 2022-10-16 870166 831638 821157 807052 782367 remote 1.63.0-r1 1.63.0-r1 1.64.0 1.64.0

A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.

Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details.

Please review the referenced CVE identifiers for details.

There is no known workaround at this time.

All Rust users should upgrade to the latest version:


          # emerge --sync
          # emerge --ask --oneshot --verbose ">=dev-lang/rust-1.63.0-r1"

All Rust binary users should upgrade to the latest version:


          # emerge --sync
          # emerge --ask --oneshot --verbose ">=dev-lang/rust-bin-1.64.0"

In addition, users using Portage 3.0.38 or later should ensure that packages with Rust binaries have no vulnerable code statically linked into their binaries by rebuilding the @rust-rebuild set:


          # emerge --ask --oneshot --verbose @rust-rebuild

CVE-2021-28875 CVE-2021-28876 CVE-2021-28877 CVE-2021-28878 CVE-2021-28879 CVE-2021-29922 CVE-2021-31162 CVE-2021-36317 CVE-2021-36318 CVE-2021-42574 CVE-2021-42694 CVE-2022-21658 CVE-2022-36113 CVE-2022-36114 ajak ajak