Rust: Multiple vulnerabilities

Rust: Multiple vulnerabilities Multiple vulnerabilities have been found in Rust, the worst which may allow local attackers to execute arbitrary code. rust 2018-12-30 2018-12-30 662904 local, remote 1.29.1 1.29.1 1.29.1 1.29.1

A systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.

Multiple vulnerabilities have been discovered in Rust. Please review the CVE identifiers referenced below for details.

A remote attacker able to control the value passed to Rust’s str::repeat function could possibly cause a Denial of Service condition.

In addition, a local attacker could trick another user into executing arbitrary code when using rustdoc.

There is no known workaround at this time.

All Rust users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-lang/rust-1.29.1"

All Rust binary users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-lang/rust-bin-1.29.1"

CVE-2018-1000622 CVE-2018-1000810 b-man b-man