GLSA-201812-11 : Rust: Multiple vulnerabilities
High Nessus Plugin ID 119945
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201812-11 (Rust: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details.
A remote attacker able to control the value passed to Rust’s str::repeat function could possibly cause a Denial of Service condition.
In addition, a local attacker could trick another user into executing arbitrary code when using rustdoc.
There is no known workaround at this time.
SolutionAll Rust users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/rust-1.29.1' All Rust binary users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/rust-bin-1.29.1'