Advisories » MGASA-2018-0407

Updated rust packages fix security vulnerability

Publication date: 19 Oct 2018
Modification date: 19 Oct 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1000810

Description

Updated rust packages fix security vulnerability

The Rust Programming Language Standard Library before version 1.29.1
contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability
in the standard library that can result in buffer overflow. This attack
appear to be exploitable via str::repeat, passed a large number, can
overflow an internal buffer (CVE-2018-1000810).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23701
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000810

SRPMS

6/core

• rust-1.28.0-1.2.mga6