[Pkg-rust-maintainers] Bug#969911: rust-rand-core: Unaligned memory access resulting in undefined behavior

Alexander Kjäll alexander.kjall at gmail.com
Tue Sep 8 17:45:45 BST 2020

Source: rust-rand-core
Version: 0.3.0-1
Severity: normal
Tags: upstream, security

Dear Maintainer,

Versions under 0.4.2 violated alignment when casting byte slices to integer slices, resulting in undefined behavior.

Advisory: https://rustsec.org/advisories/RUSTSEC-2019-0035.html

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.6.0-2-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

More information about the Pkg-rust-maintainers mailing list