ALSA-2023:4634

Source
https://errata.almalinux.org/9/ALSA-2023-4634.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:4634.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2023:4634
Related
Published
2023-08-14T00:00:00Z
Modified
2023-08-15T09:01:04Z
Summary
Important: rust security update
Details

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries.

Security Fix(es):

  • rust-cargo: cargo does not respect the umask when extracting dependencies (CVE-2023-38497)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / cargo

Package

Name
cargo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / clippy

Package

Name
clippy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust

Package

Name
rust

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-analysis

Package

Name
rust-analysis

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-analyzer

Package

Name
rust-analyzer

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-debugger-common

Package

Name
rust-debugger-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-doc

Package

Name
rust-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-gdb

Package

Name
rust-gdb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-lldb

Package

Name
rust-lldb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-src

Package

Name
rust-src

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-std-static

Package

Name
rust-std-static

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-std-static-wasm32-unknown-unknown

Package

Name
rust-std-static-wasm32-unknown-unknown

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-std-static-wasm32-wasi

Package

Name
rust-std-static-wasm32-wasi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rust-toolset

Package

Name
rust-toolset

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2

AlmaLinux:9 / rustfmt

Package

Name
rustfmt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.66.1-2.el9_2