[Pkg-rust-maintainers] Bug#976867: Bug#976867: RUSTSEC-2020-0077: memmap: memmap is unmaintained
Sylvestre Ledru
sylvestre at debian.org
Tue Dec 8 20:10:22 GMT 2020
Hello,
Le 08/12/2020 à 21:00, Salvatore Bonaccorso a écrit :
> Source: rust-memmap
> Version: 0.7.0-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
>
> Hi
>
> See
>
> https://rustsec.org/advisories/RUSTSEC-2020-0077.html
> https://github.com/danburkert/memmap-rs/issues/90
>
> so rust-memmap should be started to be replaced with maintained
> alternatives.
Could you please explain why you set the severity as important?
AFAIK, there isn't a security exploit. Not in the binary shipping in Debian either.
The fact that it is unmaintained upstream isn't a blocker on the Debian side AFAIK.
Thanks
Sylvestre
More information about the Pkg-rust-maintainers
mailing list