There is 1 open security issue in trixie.
There is 1 open security issue in sid.
Among the 13 debian patches available in version 0.66.0+ds1-1 of the package, we noticed the following issues:
commit b2d5a606fe97ae2f9ede2463fa28adb5ae2870fc Merge: 4855d12f9d bac0ad2d5b Author: Fabian Grünbichler <debian@fabian.gruenbichler.email> Date: Sun Apr 23 18:37:00 2023 +0000 merge request rust-team/cargo!19 d/bin/cargo: handle LTO options from `DEB_BUILD_OPTIONS` commit bac0ad2d5b64bd9d8878dca43055d4ad02e99237 Author: Zixing Liu <liushuyu011@gmail.com> Date: Sun Apr 23 18:36:59 2023 +0000 d/bin/cargo: handle LTO options from DEB_BUILD_OPTIONS ... this make cargo wrapper switch on or off LTO phase based on DEB_BUILD_OPTIONS set by the debhelper program commit 4855d12f9d91860a7b79b919deba1f08a19879aa Author: Fabian Grünbichler <debian@fabian.gruenbichler.email> Date: Wed Jan 11 18:55:48 2023 +0100 bump version to 0.66.0+ds1-1 Signed-off-by: Fabian Grünbichler <debian@fabian.gruenbichler.email> commit 70bdb1bfa856db01fb5db7b20a757d2247a91c29 Author: Fabian Grünbichler <debian@fabian.gruenbichler.email> Date: Wed Jan 11 19:10:20 2023 +0100 update d/copyright for newly added, vendored dependencies Signed-off-by: Fabian Grünbichler <debian@fabian.gruenbichler.email> commit 1520c2f6fcd6635d981efe711f18680715a923e9 Merge: 43d600468a 219e736326 Author: Fabian Grünbichler <debian@fabian.gruenbichler.email> Date: Thu Jan 12 15:39:19 2023 +0100 Update upstream source from tag 'upstream/0.66.0+ds1' Update to upstream version '0.66.0+ds1' with Debian dir 1eb4fb8eeb65bb50b9f85a4fc4d6a3d47395bc12 commit 219e7363266c99449e0b6e631b331223ec928c7a Merge: a9f67d5777 4bc8f24d3e Author: Fabian Grünbichler <debian@fabian.gruenbichler.email> Date: Thu Jan 12 15:38:52 2023 +0100 New upstream version 0.66.0+ds1 commit 43d600468a6af77de5e61ce14569fc0ee1331a35 Author: Fabian Grünbichler <debian@fabian.gruenbichler.email> Date: Wed Jan 11 18:41:56 2023 +0100 update unsuspicious files for dependencies pulled in by the CVE fix Signed-off-by: Fabian Grünbichler <debian@fabian.gruenbichler.email> commit 4c7a4b8cb95f8822fd06838e6039e269db717e74 Author: Fabian Grünbichler <f.gruenbichler@proxmox.com> Date: Wed Jan 11 10:50:21 2023 +0100 apply CVE fix for tarball generation the fix updates and adds dependencies which we need to vendor. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> commit e3191111227fe933f83c88719e646c333103afd0 Author: Fabian Grünbichler <f.gruenbichler@proxmox.com> Date: Wed Jan 11 11:04:09 2023 +0100 adjust CVE patches for src:cargo Cargo.toml files are not normalized here, since they are not obtained from crates.io but from the upstream tarball. The bundled cargo-test-support crate also needs to be adjusted. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> commit c08743d18400e90c6c6c3f327c01f7b8d3bc50fa Author: Fabian Grünbichler <f.gruenbichler@proxmox.com> Date: Wed Jan 11 10:50:07 2023 +0100 add CVE-2022-46176 fix Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
There are 4 open security issues in bullseye.
You can find information about how to handle these issues in the security team's documentation.
There is 1 open security issue in bookworm.
You can find information about how to handle this issue in the security team's documentation.