Debian Package Tracker
Register | Log in
Subscribe

rust-regex

Regular expressions for Rust - Rust source code

Choose email to subscribe with

general
  • source: rust-regex (main)
  • version: 1.10.2-1
  • maintainer: Debian Rust Maintainers (archive) (DMD)
  • uploaders: Daniel Kahn Gillmor [DMD] – kpcyrd [DMD] [DM] – Robin Krahl [DMD] – Sylvestre Ledru [DMD]
  • arch: any
  • std-ver: 4.6.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.1.0-1
  • oldstable: 1.3.7-1
  • stable: 1.7.1-1
  • testing: 1.10.2-1
  • unstable: 1.10.2-1
versioned links
  • 1.1.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.3.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.7.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.10.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • librust-regex-dev
action needed
debian/patches: 3 patches to forward upstream low

Among the 3 debian patches available in version 1.10.2-1 of the package, we noticed the following issues:

  • 3 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-10-03 Last update: 2023-11-19 09:39
1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2022-24713: (needs triaging) regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2023-11-10 04:37
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2023-10-03 Last update: 2023-10-03 01:40
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).
Created: 2018-08-26 Last update: 2023-10-25 09:13
news
[rss feed]
  • [2023-11-10] rust-regex 1.10.2-1 MIGRATED to testing (Debian testing watch)
  • [2023-10-25] Accepted rust-regex 1.10.2-1 (source) into unstable (Peter Michael Green)
  • [2023-10-10] Accepted rust-regex 1.9.6-5 (source) into unstable (Peter Michael Green)
  • [2023-10-08] Accepted rust-regex 1.9.6-4 (source) into unstable (Peter Michael Green)
  • [2023-10-03] Accepted rust-regex 1.9.6-3 (source) into experimental (Blair Noctis)
  • [2023-10-03] Accepted rust-regex 1.9.6-2 (source) into unstable (Blair Noctis)
  • [2023-10-01] Accepted rust-regex 1.9.6-1 (source) into unstable (Blair Noctis)
  • [2023-08-25] rust-regex 1.7.3-1 MIGRATED to testing (Debian testing watch)
  • [2023-08-16] Accepted rust-regex 1.7.3-1 (source) into unstable (Peter Michael Green)
  • [2023-02-11] rust-regex 1.7.1-1 MIGRATED to testing (Debian testing watch)
  • [2023-02-07] Accepted rust-regex 1.7.1-1 (source) into unstable (Peter Michael Green)
  • [2022-11-14] rust-regex 1.7.0-1 MIGRATED to testing (Debian testing watch)
  • [2022-11-10] Accepted rust-regex 1.7.0-1 (source) into unstable (Peter Michael Green)
  • [2022-10-15] rust-regex 1.6.0-2 MIGRATED to testing (Debian testing watch)
  • [2022-10-13] Accepted rust-regex 1.6.0-2 (source) into unstable (Peter Michael Green)
  • [2022-10-08] Accepted rust-regex 1.6.0-1 (source) into unstable (Peter Michael Green)
  • [2022-03-23] rust-regex 1.5.5-1 MIGRATED to testing (Debian testing watch)
  • [2022-03-16] Accepted rust-regex 1.5.5-1 (source) into unstable (Sylvestre Ledru)
  • [2021-12-11] rust-regex 1.5.4-1 MIGRATED to testing (Debian testing watch)
  • [2021-12-05] Accepted rust-regex 1.5.4-1 (source) into unstable (Sylvestre Ledru)
  • [2021-10-26] rust-regex 1.3.9-1 MIGRATED to testing (Debian testing watch)
  • [2021-10-23] Accepted rust-regex 1.3.9-1 (source) into unstable (Ximin Luo) (signed by: infinity0@debian.org)
  • [2021-03-23] Accepted rust-regex 1.3.8-1 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
  • [2020-04-23] rust-regex 1.3.7-1 MIGRATED to testing (Debian testing watch)
  • [2020-04-18] Accepted rust-regex 1.3.7-1 (source) into unstable (Ximin Luo) (signed by: infinity0@debian.org)
  • [2020-04-15] rust-regex 1.3.6-1 MIGRATED to testing (Debian testing watch)
  • [2020-03-25] Accepted rust-regex 1.3.6-1 (source) into unstable (Sylvestre Ledru)
  • [2020-03-24] Accepted rust-regex 1.3.1-1 (amd64 source) into unstable, unstable (Debian FTP Masters) (signed by: infinity0@debian.org)
  • [2020-03-20] rust-regex REMOVED from testing (Debian testing watch)
  • [2019-08-21] rust-regex 1.2.1-3 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian
  • buildd: logs, checks, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.7.3-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing