Actions
Bug #16975
closed
Vulnerability in a dependency of relayd benchmarking tool
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
Reviewed
Fix check:
Checked
Regression:
Description
18:55:28 ID: RUSTSEC-2020-0006 18:55:28 Crate: bumpalo 18:55:28 Version: 3.2.0 18:55:28 Date: 2020-03-24 18:55:28 URL: https://rustsec.org/advisories/RUSTSEC-2020-0006 18:55:28 Title: Flaw in `realloc` allows reading unknown memory 18:55:28 Solution: upgrade to >= 3.2.1
Updated by Alexis Mousset about 4 years ago
- Status changed from New to In progress
- Assignee set to Alexis Mousset
Updated by Alexis Mousset about 4 years ago
- Assignee changed from Alexis Mousset to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder/pull/2845
Updated by Alexis Mousset about 4 years ago
- Status changed from In progress to Pending release
Applied in changeset rudder|c7120b9883cbb3d015012282984f5502dcd35389.
Updated by Alexis Mousset about 4 years ago
Applied in changeset rudder|245e0929b43f42b66ecb99e98c053d3125a3f2ec.
Updated by Alexis Mousset about 4 years ago
Applied in changeset rudder|245e0929b43f42b66ecb99e98c053d3125a3f2ec.
Updated by Alexis Mousset about 4 years ago
- Subject changed from Vulnerability in rust dependency to Vulnerability in a dependency of relayd becnhmarking tool
- Name check changed from To do to Reviewed
- Fix check changed from To do to Checked
The vulnerability was only part of the benchmarking code that is not shipped with relayd.
It doesn't affect Rudder servers.
Updated by Alexis Mousset about 4 years ago
- Subject changed from Vulnerability in a dependency of relayd becnhmarking tool to Vulnerability in a dependency of relayd benchmarking tool
Updated by Vincent MEMBRÉ about 4 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 6.0.5 which was released today.
Actions