[Pkg-rust-maintainers] Bug#976867: Bug#976867: RUSTSEC-2020-0077: memmap: memmap is unmaintained

Sylvestre Ledru sylvestre at debian.org
Tue Dec 8 20:10:22 GMT 2020


Hello,

Le 08/12/2020 à 21:00, Salvatore Bonaccorso a écrit :
> Source: rust-memmap
> Version: 0.7.0-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
> 
> Hi
> 
> See
> 
> https://rustsec.org/advisories/RUSTSEC-2020-0077.html
> https://github.com/danburkert/memmap-rs/issues/90
> 
> so rust-memmap should be started to be replaced with maintained
> alternatives.
Could you please explain why you set the severity as important?
AFAIK, there isn't a security exploit. Not in the binary shipping in Debian either.

The fact that it is unmaintained upstream isn't a blocker on the Debian side AFAIK.

Thanks
Sylvestre



More information about the Pkg-rust-maintainers mailing list