SUSE-CU-2023:1418-1: Recommended update of bci/rust

sle-updates at lists.suse.com sle-updates at lists.suse.com
Wed May 3 07:15:05 UTC 2023 

SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1418-1
Container Tags        : bci/rust:1.68 , bci/rust:1.68-3.2
Container Release     : 3.2
Severity              : moderate
Type                  : recommended
References            : 1209839 
-----------------------------------------------------------------

The container bci/rust was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2088-1
Released:    Tue May  2 18:08:06 2023
Summary:     Recommended update for rust, rust1.68
Type:        recommended
Severity:    moderate
References:  1209839
This update for rust, rust1.68 fixes the following issues:

Changes in rust1.68:

- bsc#1209839 - replace leaked github keys in rust/cargo

Version 1.68.2 (2023-03-28)
===========================

- Update the GitHub RSA host key bundled within Cargo
  The key was rotated by GitHub (https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/)
  on 2023-03-24 after the old one leaked.
- Mark the old GitHub RSA host key as revoked](https://github.com/rust-lang/cargo/pull/11889).
  This will prevent Cargo from accepting the leaked key even when trusted by
  the system.
- Add support for `@revoked` and a better error message for `@cert-authority` in Cargo's SSH host key verification
- Fix miscompilation in produced Windows MSVC artifacts
  This was introduced by enabling ThinLTO for the distributed rustc which led
  to miscompilations in the resulting binary. Currently this is believed to be
  limited to the -Zdylib-lto flag used for rustc compilation, rather than a
  general bug in ThinLTO, so only rustc artifacts should be affected.
- Fix --enable-local-rust builds
- Treat `$prefix-clang` as `clang` in linker detection code
- Fix panic in compiler code


The following package changes have been done:

- rust1.68-1.68.2-150400.9.10.2 updated
- cargo1.68-1.68.2-150400.9.10.2 updated
- container:sles15-image-15.0.0-27.14.56 updated

More information about the sle-updates mailing list