SUSE-RU-2023:2088-1: moderate: Recommended update for rust, rust1.68

sle-updates at lists.suse.com sle-updates at lists.suse.com
Mon May 8 09:05:18 UTC 2023 


# Recommended update for rust, rust1.68

Announcement ID: SUSE-RU-2023:2088-1  
Rating: moderate  
References:

  * #1209839

  
Affected Products:

  * Development Tools Module 15-SP4
  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that contains one feature and has one recommended fix can now be
installed.

## Description:

This update for rust, rust1.68 fixes the following issues:

Changes in rust1.68:

  * bsc#1209839 - replace leaked github keys in rust/cargo

# Version 1.68.2 (2023-03-28)

  * Update the GitHub RSA host key bundled within Cargo The key was rotated by
    GitHub (https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/) on
    2023-03-24 after the old one leaked.
  * Mark the old GitHub RSA host key as revoked](https://github.com/rust-
    lang/cargo/pull/11889). This will prevent Cargo from accepting the leaked
    key even when trusted by the system.
  * Add support for `@revoked` and a better error message for `@cert-authority`
    in Cargo's SSH host key verification
  * Fix miscompilation in produced Windows MSVC artifacts This was introduced by
    enabling ThinLTO for the distributed rustc which led to miscompilations in
    the resulting binary. Currently this is believed to be limited to the
    -Zdylib-lto flag used for rustc compilation, rather than a general bug in
    ThinLTO, so only rustc artifacts should be affected.
  * Fix --enable-local-rust builds
  * Treat `$prefix-clang` as `clang` in linker detection code
  * Fix panic in compiler code

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch openSUSE-SLE-15.4-2023-2088=1

  * Development Tools Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-2088=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * cargo1.68-debuginfo-1.68.2-150400.9.10.2
    * rust1.68-debuginfo-1.68.2-150400.9.10.2
    * cargo1.68-1.68.2-150400.9.10.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
    * rust1.68-1.68.2-150400.9.10.2
  * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * cargo1.68-debuginfo-1.68.2-150400.9.10.2
    * rust1.68-debuginfo-1.68.2-150400.9.10.2
    * cargo1.68-1.68.2-150400.9.10.2
  * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
    * rust1.68-1.68.2-150400.9.10.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1209839
  * https://jira.suse.com/browse/SLE-18626

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20230508/028cdd4b/attachment.htm>

More information about the sle-updates mailing list