076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Jan :rust: :ferris: (janriemer@floss.social)'s status on Friday, 13-Jan-2023 06:37:52 JST Jan :rust: :ferris: Jan :rust: :ferris:

    Question to #Rust or #security experts:

    Seeing the recent vulnerability in #Cargo and the corresponding fix for it in #RustLang version 1.66.1, I was wondering:

    Shouldn't this fix be _backported_ to other versions, too? Am I understanding semver wrong?

    So, in my view, there should now also be a version 1.65.1, 1.64.1 and so on.

    Otherwise, a lot of older versions (maybe all) stay vulnerable, no?

    Post about 1.66.1:
    https://blog.rust-lang.org/2023/01/10/Rust-1.66.1.html

    #AskFedi #FollowerPower #LazyWeb #RustLang #SemVer

    In conversation Friday, 13-Jan-2023 06:37:52 JST from floss.social permalink

    Attachments

    1. Announcing Rust 1.66.1 | Rust Blog
      from @rustlang
      Empowering everyone to build reliable and efficient software.

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.