SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2138-1
Container Tags        : bci/rust:1.70 , bci/rust:1.70-1.6.2 , bci/rust:latest , bci/rust:stable , bci/rust:stable-1.6.2
Container Release     : 6.2
Severity              : important
Type                  : security
References            : 1201627 1207534 1211430 CVE-2022-4304 CVE-2023-2650
-----------------------------------------------------------------

The container bci/rust was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 29171
Released:    Tue Jun 20 12:29:00 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1201627,1207534,1211430,CVE-2022-4304,CVE-2023-2650

This update for openssl-1_1 fixes the following issues:

- CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers (bsc#1211430).
- CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption.
  The previous fix for this timing side channel turned out to cause a severe
  2-3x performance regression in the typical use case (bsc#1207534).
- Update further expiring certificates that affect tests (bsc#1201627)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2559-1
Released:    Tue Jun 20 18:03:33 2023
Summary:     Recommended update for rust, rust1.70
Type:        recommended
Severity:    moderate
References:

This update for rust, rust1.70 fixes the following issues:

Changes in rust:

- Update to version 1.70.0 - for details see the rust1.70 package

Changes in rust1.70:

Version 1.70.0 (2023-06-01)
==========================

Language
--------

- Relax ordering rules for `asm!` operands
- Properly allow macro expanded `format_args` invocations to use captures
- Lint ambiguous glob re-exports
- Perform const and unsafe checking for expressions in `let _ = expr` position.

Compiler
--------

- Extend -Cdebuginfo with new options and named aliases
  This provides a smaller version of debuginfo for cases that only need line number
  information (`-Cdebuginfo=line-tables-only`), which may eventually become the default
  for `-Cdebuginfo=1`.
- Make `unused_allocation` lint against `Box::new` too
- Detect uninhabited types early in const eval
- Switch to LLD as default linker for {arm,thumb}v4t-none-eabi
- Add tier 3 target `loongarch64-unknown-linux-gnu`
- Add tier 3 target for `i586-pc-nto-qnx700` (QNX Neutrino RTOS, version 7.0)
- Insert alignment checks for pointer dereferences as debug assertions
  This catches undefined behavior at runtime, and may cause existing code to fail.

Refer to Rust's platform support page for more information on Rust's tiered platform support.

Libraries
---------

- Document NonZeroXxx layout guarantees
- Windows: make `Command` prefer non-verbatim paths
- Implement Default for some alloc/core iterators
- Fix handling of trailing bare CR in str::lines
- allow negative numeric literals in `concat!`
- Add documentation about the memory layout of `Cell`
- Use `partial_cmp` to implement tuple `lt`/`le`/`ge`/`gt`
- Stabilize `atomic_as_ptr`
- Stabilize `nonnull_slice_from_raw_parts`
- Partial stabilization of `once_cell`
- Stabilize `nonzero_min_max`
- Flatten/inline format_args!() and (string and int) literal arguments into format_args!()
- Stabilize movbe target feature
- don't splice from files into pipes in io::copy
- Add a builtin unstable `FnPtr` trait that is implemented for all function pointers
  This extends `Debug`, `Pointer`, `Hash`, `PartialEq`, `Eq`, `PartialOrd`, and `Ord`
  implementations for function pointers with all ABIs.

Stabilized APIs
---------------

- `NonZero*::MIN/MAX`
- `BinaryHeap::retain`
- `Default for std::collections::binary_heap::IntoIter`
- `Default for std::collections::btree_map::{IntoIter, Iter, IterMut}`
- `Default for std::collections::btree_map::{IntoKeys, Keys}`
- `Default for std::collections::btree_map::{IntoValues, Values}`
- `Default for std::collections::btree_map::Range`
- `Default for std::collections::btree_set::{IntoIter, Iter}`
- `Default for std::collections::btree_set::Range`
- `Default for std::collections::linked_list::{IntoIter, Iter, IterMut}`
- `Default for std::vec::IntoIter`
- `Default for std::iter::Chain`
- `Default for std::iter::Cloned`
- `Default for std::iter::Copied`
- `Default for std::iter::Enumerate`
- `Default for std::iter::Flatten`
- `Default for std::iter::Fuse`
- `Default for std::iter::Rev`
- `Default for std::slice::Iter`
- `Default for std::slice::IterMut`
- `Rc::into_inner`
- `Arc::into_inner`
- `std::cell::OnceCell`
- `Option::is_some_and`
- `NonNull::slice_from_raw_parts`
- `Result::is_ok_and`
- `Result::is_err_and`
- `std::sync::atomic::Atomic*::as_ptr`
- `std::io::IsTerminal`
- `std::os::linux::net::SocketAddrExt`
- `std::os::unix::net::UnixDatagram::bind_addr`
- `std::os::unix::net::UnixDatagram::connect_addr`
- `std::os::unix::net::UnixDatagram::send_to_addr`
- `std::os::unix::net::UnixListener::bind_addr`
- `std::path::Path::as_mut_os_str`
- `std::sync::OnceLock`

Cargo
-----

- Add `CARGO_PKG_README`
- Make `sparse` the default protocol for crates.io
- Accurately show status when downgrading dependencies
- Use registry.default for login/logout
- Stabilize `cargo logout`

Misc
----

- Stabilize rustdoc `--test-run-directory`

Compatibility Notes
-------------------

- Prevent stable `libtest` from supporting `-Zunstable-options`
- Perform const and unsafe checking for expressions in `let _ = expr` position.
- WebAssembly targets enable `sign-ext` and `mutable-globals` features in codegen
  This may cause incompatibility with older execution environments.
- Insert alignment checks for pointer dereferences as debug assertions
  This catches undefined behavior at runtime, and may cause existing code to fail.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2625-1
Released:    Fri Jun 23 17:16:11 2023
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:

This update for gcc12 fixes the following issues:

- Update to GCC 12.3 release, 0c61aa720e62f1baf0bfd178e283, git1204
  * includes regression and other bug fixes
- Speed up builds with --enable-link-serialization.
- Update embedded newlib to version 4.2.0

The following package changes have been done:

- libgcc_s1-12.3.0+git1204-150000.1.10.1 updated
- libstdc++6-12.3.0+git1204-150000.1.10.1 updated
- libopenssl1_1-1.1.1l-150500.17.6.1 updated
- libopenssl1_1-hmac-1.1.1l-150500.17.6.1 updated
- libatomic1-12.3.0+git1204-150000.1.10.1 updated
- libgomp1-12.3.0+git1204-150000.1.10.1 updated
- libitm1-12.3.0+git1204-150000.1.10.1 updated
- liblsan0-12.3.0+git1204-150000.1.10.1 updated
- libubsan1-12.3.0+git1204-150000.1.10.1 updated
- rust1.70-1.70.0-150400.9.3.1 added
- cargo1.70-1.70.0-150400.9.3.1 added
- container:sles15-image-15.0.0-36.5.7 updated
- cargo1.69-1.69.0-150400.9.3.1 removed
- rust1.69-1.69.0-150400.9.3.1 removed