Mirrors/rust
1
0
Fork 0
mirror of https://github.com/rust-lang/rust.git synced 2026-04-27 18:57:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Auto merge of #114410 - pietroalbini:pa-cve-2023-38497-stable, r=pietroalbini

Browse Source 
[stable] Update point release to fix CVE-2023-38497

This PR fixes CVE-2023-38497 on stable, by updating Cargo to a fixed version.

r? `@ghost`
cc `@rust-lang/release`
This commit is contained in:
bors
2023-08-03 12:11:47 +00:00
parent 7c790132e1 64611e15c7
commit eb26296b55
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
RELEASES.md
+1
View File
@@ -1,6 +1,7 @@
Version 1.71.1 (2023-08-03)
===========================
- [Fix CVE-2023-38497: Cargo did not respect the umask when extracting dependencies](https://github.com/rust-lang/cargo/security/advisories/GHSA-j3xp-wfr4-hx87)
- [Fix bash completion for users of Rustup](https://github.com/rust-lang/rust/pull/113579)
- [Do not show `suspicious_double_ref_op` lint when calling `borrow()`](https://github.com/rust-lang/rust/pull/112517)
- [Fix ICE: substitute types before checking inlining compatibility](https://github.com/rust-lang/rust/pull/113802)
src/tools/cargo
+1 -1
Submodule src/tools/cargo updated: cfd3bbd8fe...7f1d04c005