SUSE-CU-2023:3451-1: Security update of bci/rust

sle-security-updates at lists.suse.com
Wed Oct 18 07:03:33 UTC 2023


SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:3451-1
Container Tags        : bci/rust:1.72 , bci/rust:1.72-2.2.2 , bci/rust:oldstable , bci/rust:oldstable-2.2.2
Container Release     : 2.2
Severity              : moderate
Type                  : security
References            : 1214689 1215834 CVE-2023-40030 
-----------------------------------------------------------------

The container bci/rust was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3722-1
Released:    Thu Sep 21 10:53:20 2023
Summary:     Security update for rust, rust1.72
Type:        security
Severity:    moderate
References:  1214689,CVE-2023-40030
This update for rust, rust1.72 fixes the following issues:

Changes in rust:

- Update to version 1.72.0 - for details see the rust1.72 package

Changes in rust1.72:

- CVE-2023-40030: fix minor non-exploited issue in cargo (bsc#1214689)


Version 1.72.0 (2023-08-24)
===========================

Language
--------

- Replace const eval limit by a lint and add an exponential backoff warning
- expand: Change how `#![cfg(FALSE)]` behaves on crate root
- Stabilize inline asm for LoongArch64
- Uplift `clippy::undropped_manually_drops` lint
- Uplift `clippy::invalid_utf8_in_unchecked` lint
- Uplift `clippy::cast_ref_to_mut` lint
- Uplift `clippy::cmp_nan` lint
- resolve: Remove artificial import ambiguity errors
- Don't require associated types with Self: Sized bounds in `dyn Trait` objects

Compiler
--------

- Remember names of `cfg`-ed out items to mention them in diagnostics
- Support for native WASM exceptions
- Add support for NetBSD/aarch64-be (big-endian arm64).
- Write to stdout if `-` is given as output file
- Force all native libraries to be statically linked when linking a static binary
- Add Tier 3 support for `loongarch64-unknown-none*`
- Prevent `.eh_frame` from being emitted for `-C panic=abort`
- Support 128-bit enum variant in debuginfo codegen
- compiler: update solaris/illumos to enable tsan support.

Refer to Rust's platform support page for more information on Rust's tiered platform support.

Libraries
---------

- Document memory orderings of `thread::{park, unpark}`
- io: soften ‘at most one write attempt’ requirement in io::Write::write
- Specify behavior of HashSet::insert
- Relax implicit `T: Sized` bounds on `BufReader<T>`, `BufWriter<T>` and `LineWriter<T>`
- Update runtime guarantee for `select_nth_unstable`
- Return `Ok` on kill if process has already exited
- Implement PartialOrd for `Vec`s over different allocators
- Use 128 bits for TypeId hash
- Don't drain-on-drop in DrainFilter impls of various collections.
- Make `{Arc,Rc,Weak}::ptr_eq` ignore pointer metadata

Rustdoc
-------

- Allow whitespace as path separator like double colon
- Add search result item types after their name
- Search for slices and arrays by type with `[]`
- Clean up type unification and 'unboxing'

Stabilized APIs
---------------

- `impl<T: Send> Sync for mpsc::Sender<T>`
- `impl TryFrom<&OsStr> for &str`
- `String::leak`

These APIs are now stable in const contexts:

- `CStr::from_bytes_with_nul`
- `CStr::to_bytes`
- `CStr::to_bytes_with_nul`
- `CStr::to_str`

Cargo
-----

- Enable `-Zdoctest-in-workspace` by default. When running each documentation
  test, the working directory is set to the root directory of the package the
  test belongs to.
- Add support of the 'default' keyword to reset previously set `build.jobs`
  parallelism back to the default.

Compatibility Notes
-------------------

- Alter `Display` for `Ipv6Addr` for IPv4-compatible addresses
- Cargo changed feature name validation check to a hard error. The warning was
  added in Rust 1.49. These extended characters aren't allowed on crates.io, so
  this should only impact users of other registries, or people who don't publish
  to a registry.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3993-1
Released:    Fri Oct  6 12:04:30 2023
Summary:     Recommended update for rust1.72
Type:        recommended
Severity:    moderate
References:  1215834
This update for rust1.72 fixes the following issues:

- use gcc12 instead of gcc11 (bsc#1215834)

Version 1.72.1 (2023-09-19)
===========================

- Adjust codegen change to improve LLVM codegen
- rustdoc: Fix self ty params in objects with lifetimes
- Fix regression in compile times
- Resolve some ICE regressions in the compiler.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:4073-1
Released:    Fri Oct 13 11:40:26 2023
Summary:     Recommended update for rpm
Type:        recommended
Severity:    low
References:  
This update for rpm fixes the following issue:

- Enables build for all python modules (jsc#PED-68, jsc#PED-1988)


The following package changes have been done:

- rpm-ndb-4.14.3-150400.59.3.1 updated
- libasan8-12.3.0+git1204-150000.1.16.1 added
- libtsan2-12.3.0+git1204-150000.1.16.1 added
- cpp12-12.3.0+git1204-150000.1.16.1 added
- gcc12-12.3.0+git1204-150000.1.16.1 added
- rust1.72-1.72.1-150400.9.6.1 added
- cargo1.72-1.72.1-150400.9.6.1 added
- container:sles15-image-15.0.0-36.5.43 updated
- cargo1.71-1.71.1-150400.9.6.1 removed
- cpp11-11.3.0+git1637-150000.1.11.2 removed
- gcc11-11.3.0+git1637-150000.1.11.2 removed
- libasan6-11.3.0+git1637-150000.1.11.2 removed
- libtsan0-11.3.0+git1637-150000.1.11.2 removed
- rust1.71-1.71.1-150400.9.6.1 removed

