Security update for rust SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:2203-1 Final 1 1 2019-09-27T07:40:16Z current 2019-09-27T07:40:16Z 2019-09-27T07:40:16Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for rust This update for rust fixes the following issues: Rust was updated to version 1.36.0. Security issues fixed: - CVE-2019-12083: a standard method can be overridden violating Rust's safety guarantees and causing memory unsafety (bsc#1134978) - CVE-2018-1000622: rustdoc loads plugins from world writable directory allowing for arbitrary code execution (bsc#1100691) This update was imported from SUSE:SLE-15:Update. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-2203 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00076.html E-Mail link for openSUSE-SU-2019:2203-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1096945 SUSE Bug 1096945 https://bugzilla.suse.com/1100691 SUSE Bug 1100691 https://bugzilla.suse.com/1133283 SUSE Bug 1133283 https://bugzilla.suse.com/1134978 SUSE Bug 1134978 https://www.suse.com/security/cve/CVE-2018-1000622/ SUSE CVE CVE-2018-1000622 page https://www.suse.com/security/cve/CVE-2019-12083/ SUSE CVE CVE-2019-12083 page openSUSE Leap 15.1 cargo-1.36.0-lp151.5.4.1 cargo-doc-1.36.0-lp151.5.4.1 clippy-1.36.0-lp151.5.4.1 rls-1.36.0-lp151.5.4.1 rust-1.36.0-lp151.5.4.1 rust-analysis-1.36.0-lp151.5.4.1 rust-cbindgen-0.8.7-lp151.2.2 rust-doc-1.36.0-lp151.5.4.1 rust-gdb-1.36.0-lp151.5.4.1 rust-src-1.36.0-lp151.5.4.1 rust-std-static-1.36.0-lp151.5.4.1 rustfmt-1.36.0-lp151.5.4.1 cargo-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 cargo-doc-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 clippy-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rls-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rust-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rust-analysis-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rust-cbindgen-0.8.7-lp151.2.2 as a component of openSUSE Leap 15.1 rust-doc-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rust-gdb-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rust-src-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rust-std-static-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 rustfmt-1.36.0-lp151.5.4.1 as a component of openSUSE Leap 15.1 The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag without the --plugin-path flag. This vulnerability appears to have been fixed in 1.27.1. CVE-2018-1000622 openSUSE Leap 15.1:cargo-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:cargo-doc-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:clippy-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rls-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-analysis-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-cbindgen-0.8.7-lp151.2.2 openSUSE Leap 15.1:rust-doc-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-gdb-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-src-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-std-static-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rustfmt-1.36.0-lp151.5.4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00076.html https://www.suse.com/security/cve/CVE-2018-1000622.html CVE-2018-1000622 https://bugzilla.suse.com/1100691 SUSE Bug 1100691 The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected. CVE-2019-12083 openSUSE Leap 15.1:cargo-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:cargo-doc-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:clippy-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rls-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-analysis-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-cbindgen-0.8.7-lp151.2.2 openSUSE Leap 15.1:rust-doc-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-gdb-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-src-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rust-std-static-1.36.0-lp151.5.4.1 openSUSE Leap 15.1:rustfmt-1.36.0-lp151.5.4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00076.html https://www.suse.com/security/cve/CVE-2019-12083.html CVE-2019-12083 https://bugzilla.suse.com/1134978 SUSE Bug 1134978