Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2021-0517)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2021.0517

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2021-0517)

Resumen: The remote host is missing an update for the 'rust' package(s) announced via the MGASA-2021-0517 advisory.

Descripción: Summary:
The remote host is missing an update for the 'rust' package(s) announced via the MGASA-2021-0517 advisory.

Vulnerability Insight:
Updated rust packages fix security vulnerability

This update mitigates a security concern in the Unicode standard, affecting
source code containing 'bidirectional override' Unicode codepoints: in some
cases the use of those codepoints could lead to the reviewed code being
different than the compiled code (CVE-2021-42574).

rustc mitigates the issue by issuing two new deny-by-default lints detecting
the affected codepoints in string literals and in comments. The lints will
prevent source code files containing those codepoints from being compiled,
protecting developers and users from the attack.

This update also provides new features and bugfixes included in Rust since
the previously packaged version 1.51.1. See the referenced release notes for
details.

Affected Software/OS:
'rust' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-42574
CERT/CC vulnerability note: VU#999008
https://www.kb.cert.org/vuls/id/999008
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/
https://security.gentoo.org/glsa/202210-09
http://www.unicode.org/versions/Unicode14.0.0/
https://trojansource.codes
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.starwindsoftware.com/security/sw-20220804-0002/
https://www.unicode.org/reports/tr31/
https://www.unicode.org/reports/tr36/
https://www.unicode.org/reports/tr39/
https://www.unicode.org/reports/tr9/tr9-44.html#HL4
http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/4
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.openwall.com/lists/oss-security/2021/11/01/5
http://www.openwall.com/lists/oss-security/2021/11/02/10

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0517
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0517)
Resumen:	The remote host is missing an update for the 'rust' package(s) announced via the MGASA-2021-0517 advisory.
Descripción:	Summary: The remote host is missing an update for the 'rust' package(s) announced via the MGASA-2021-0517 advisory. Vulnerability Insight: Updated rust packages fix security vulnerability This update mitigates a security concern in the Unicode standard, affecting source code containing 'bidirectional override' Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being different than the compiled code (CVE-2021-42574). rustc mitigates the issue by issuing two new deny-by-default lints detecting the affected codepoints in string literals and in comments. The lints will prevent source code files containing those codepoints from being compiled, protecting developers and users from the attack. This update also provides new features and bugfixes included in Rust since the previously packaged version 1.51.1. See the referenced release notes for details. Affected Software/OS: 'rust' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-42574 CERT/CC vulnerability note: VU#999008 https://www.kb.cert.org/vuls/id/999008 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/ https://security.gentoo.org/glsa/202210-09 http://www.unicode.org/versions/Unicode14.0.0/ https://trojansource.codes https://www.scyon.nl/post/trojans-in-your-source-code https://www.starwindsoftware.com/security/sw-20220804-0002/ https://www.unicode.org/reports/tr31/ https://www.unicode.org/reports/tr36/ https://www.unicode.org/reports/tr39/ https://www.unicode.org/reports/tr9/tr9-44.html#HL4 http://www.openwall.com/lists/oss-security/2021/11/01/1 http://www.openwall.com/lists/oss-security/2021/11/01/4 http://www.openwall.com/lists/oss-security/2021/11/01/6 http://www.openwall.com/lists/oss-security/2021/11/01/5 http://www.openwall.com/lists/oss-security/2021/11/02/10
Copyright	Copyright (C) 2022 Greenbone AG