[Pkg-rust-maintainers] Bug#970586: rust-sized-chunks: Multiple soundness issues in Chunk and InlineArray

Alexander Kjäll alexander.kjall at gmail.com
Sat Sep 19 12:49:55 BST 2020

Source: rust-sized-chunks
Version: 0.6.2-1
Severity: normal
Tags: upstream, security

Dear Maintainer,


    Array size is not checked when constructed with unit() and pair().
    Array size is not checked when constructed with From<InlineArray<A, T>>.
    Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.


    Generates unaligned references for types with a large alignment requirement.

Rust advisory here: https://rustsec.org/advisories/RUSTSEC-2020-0041.html

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.6.0-2-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

More information about the Pkg-rust-maintainers mailing list