[Pkg-rust-maintainers] Bug#970586: rust-sized-chunks: Multiple soundness issues in Chunk and InlineArray
Alexander Kjäll
alexander.kjall at gmail.com
Sat Sep 19 12:49:55 BST 2020
Source: rust-sized-chunks
Version: 0.6.2-1
Severity: normal
Tags: upstream, security
Dear Maintainer,
Chunk:
Array size is not checked when constructed with unit() and pair().
Array size is not checked when constructed with From<InlineArray<A, T>>.
Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.
InlineArray:
Generates unaligned references for types with a large alignment requirement.
Rust advisory here: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 5.6.0-2-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
More information about the Pkg-rust-maintainers
mailing list