Bug #16975

closed

Vulnerability in a dependency of relayd benchmarking tool

Added by Alexis Mousset over 4 years ago. Updated over 4 years ago.

Status: Released
Priority: N/A
Category: Relay server or API
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority: 0
Name check: Reviewed
Fix check: Checked
Regression:

Description

18:55:28 ID:       RUSTSEC-2020-0006
18:55:28 Crate:    bumpalo
18:55:28 Version:  3.2.0
18:55:28 Date:     2020-03-24
18:55:28 URL:      https://rustsec.org/advisories/RUSTSEC-2020-0006
18:55:28 Title:    Flaw in `realloc` allows reading unknown memory
18:55:28 Solution:  upgrade to >= 3.2.1
Actions #1

Updated by Alexis Mousset over 4 years ago

  • Status changed from New to In progress
  • Assignee set to Alexis Mousset
Actions #2

Updated by Alexis Mousset over 4 years ago

  • Assignee changed from Alexis Mousset to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder/pull/2845
Actions #3

Updated by Alexis Mousset over 4 years ago

  • Status changed from In progress to Pending release
Actions #6

Updated by Alexis Mousset over 4 years ago

  • Subject changed from Vulnerability in rust dependency to Vulnerability in a dependency of relayd becnhmarking tool
  • Name check changed from To do to Reviewed
  • Fix check changed from To do to Checked

The vulnerability was only part of the benchmarking code that is not shipped with relayd.

It doesn't affect Rudder servers.

Actions #7

Updated by Alexis Mousset over 4 years ago

  • Subject changed from Vulnerability in a dependency of relayd becnhmarking tool to Vulnerability in a dependency of relayd benchmarking tool
Actions #8

Updated by Vincent MEMBRÉ over 4 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 6.0.5 which was released today.
