Bug #16975
closed
Vulnerability in a dependency of relayd benchmarking tool
Added by Alexis Mousset over 4 years ago.
Updated over 4 years ago.
Category:
Relay server or API
Description
18:55:28 ID: RUSTSEC-2020-0006
18:55:28 Crate: bumpalo
18:55:28 Version: 3.2.0
18:55:28 Date: 2020-03-24
18:55:28 URL: https://rustsec.org/advisories/RUSTSEC-2020-0006
18:55:28 Title: Flaw in `realloc` allows reading unknown memory
18:55:28 Solution: upgrade to >= 3.2.1
- Status changed from New to In progress
- Assignee set to Alexis Mousset
- Assignee changed from Alexis Mousset to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder/pull/2845
- Status changed from In progress to Pending release
- Subject changed from Vulnerability in rust dependency to Vulnerability in a dependency of relayd becnhmarking tool
- Name check changed from To do to Reviewed
- Fix check changed from To do to Checked
The vulnerability was only part of the benchmarking code that is not shipped with relayd.
It doesn't affect Rudder servers.
- Subject changed from Vulnerability in a dependency of relayd becnhmarking tool to Vulnerability in a dependency of relayd benchmarking tool
- Status changed from Pending release to Released
This bug has been fixed in Rudder 6.0.5 which was released today.
Also available in: Atom
PDF
Updated by 
Updated by