|
@rustlang | |||||
|
CVE-2019-16760 has been published, affecting Rust 1.25.0 and lower. Learn more on our blog:
blog.rust-lang.org/2019/09/30/Sec…
|
||||||
|
||||||
|
ᴋᴏɴ of 2020
@GolDDranks
|
30. ruj |
|
I think this brings even more demand for the minimum Rust version feature. (github.com/rust-lang/rfcs…) That makes it possible to defend against similar "config retro-interpretation" vulnerabilities in the future.
|
||
|
|
||
|
ᴋᴏɴ of 2020
@GolDDranks
|
30. ruj |
|
That's impossible to do pervasively, because new crates using the feature are published all the time, and not all crates that use it are even in crates.io, so the team couldn't know about them.
|
||
|
|
||
|
Daniel Dettlaff
@dmilith
|
1. lis |
|
`rustup update` :)
|
||
|
|
||