[Git][security-tracker-team/security-tracker][master] Add some new and old rustc issues

Salvatore Bonaccorso carnil at debian.org
Wed Apr 14 09:23:10 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
201a2a91 by Salvatore Bonaccorso at 2021-04-14T10:22:47+02:00
Add some new and old rustc issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,7 @@
 CVE-2021-31162 (In the standard library in Rust before 1.53.0, a double free can occur ...)
-	TODO: check
+	- rustc <unfixed>
+	NOTE: https://github.com/rust-lang/rust/issues/83618
+	NOTE: https://github.com/rust-lang/rust/pull/83629
 CVE-2021-31161
 	RESERVED
 CVE-2021-31160
@@ -1041,14 +1043,20 @@ CVE-2021-30643
 CVE-2021-30642
 	RESERVED
 CVE-2020-36323 (In the standard library in Rust before 1.50.3, there is an optimizatio ...)
-	TODO: check
+	- rustc <unfixed>
+	NOTE: https://github.com/rust-lang/rust/issues/80335
+	NOTE: https://github.com/rust-lang/rust/pull/81728
 CVE-2020-36322 (An issue was discovered in the FUSE filesystem implementation in the L ...)
 	- linux 5.10.9-1
 	NOTE: https://git.kernel.org/linus/5d069dbe8aaf2a197142558b6fb2978189ba3454
 CVE-2018-25008 (In the standard library in Rust before 1.29.0, there is weak synchroni ...)
-	TODO: check
+	- rustc 1.29.0+dfsg1-1
+	NOTE: https://github.com/rust-lang/rust/issues/51780
+	NOTE: https://github.com/rust-lang/rust/pull/52031
 CVE-2017-20004 (In the standard library in Rust before 1.19.0, there is a synchronizat ...)
-	TODO: check
+	- rustc 1.19.0+dfsg3-2
+	NOTE: https://github.com/rust-lang/rust/issues/41622
+	NOTE: https://github.com/rust-lang/rust/pull/41624
 CVE-2015-20002
 	RESERVED
 CVE-2021-3498 [gstreamer-plugins-good: Heap corruption in matroska demuxing]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/201a2a919e9dfc937f2ae9de97a29a1e4b277aa4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/201a2a919e9dfc937f2ae9de97a29a1e4b277aa4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210414/4a46a8cc/attachment.htm>

More information about the debian-security-tracker-commits mailing list