[Pkg-rust-maintainers] Bug#969899: rust-libflate: use-after-free vulnerability on panic in client code
Alexander Kjäll
alexander.kjall at gmail.com
Tue Sep 8 14:45:41 BST 2020
Source: rust-libflate
Version: 0.1.19-1
Severity: normal
Tags: upstream, security
Dear Maintainer,
The library have a use after free vulnerability in versions from 0.1.14 up to but not including 0.1.25
Advisory text: https://rustsec.org/advisories/RUSTSEC-2019-0010.html
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 5.6.0-2-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
More information about the Pkg-rust-maintainers
mailing list