[Pkg-rust-maintainers] Bug#992046: rust-anymap: CVE-2021-38187
Moritz Mühlenhoff
jmm at inutil.org
Mon Aug 9 22:29:17 BST 2021
Source: rust-anymap
X-Debbugs-CC: team at security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for rust-anymap.
CVE-2021-38187[0]:
| An issue was discovered in the anymap crate through 0.12.1 for Rust.
| It violates soundness via conversion of a *u8 to a *u64.
https://rustsec.org/advisories/RUSTSEC-2021-0065.html
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-38187
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38187
Please adjust the affected versions in the BTS as needed.
More information about the Pkg-rust-maintainers
mailing list