Register | Log in

rust-regex

Choose email to subscribe with

general

source: rust-regex (main)
version: 1.5.5-1
maintainer: Debian Rust Maintainers (archive) (DMD)
uploaders: Sylvestre Ledru [DMD] – Robin Krahl [DMD] – kpcyrd [DMD] [DM] – Daniel Kahn Gillmor [DMD]
arch: any
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.1.0-1
stable: 1.3.7-1
testing: 1.5.5-1
unstable: 1.5.5-1

versioned links

1.1.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

librust-regex+aho-corasick-dev
librust-regex+default-dev
librust-regex+memchr-dev
librust-regex+perf-dev
librust-regex+perf-literal-dev
librust-regex+unicode-age-dev
librust-regex+unicode-bool-dev
librust-regex+unicode-case-dev
librust-regex+unicode-dev
librust-regex+unicode-gencat-dev
librust-regex+unicode-perl-dev
librust-regex+unicode-script-dev
librust-regex+unicode-segment-dev
librust-regex-dev

action needed

1 binary package has unsatisfiable dependencies high

The dependencies of librust-regex+perf-cache-dev=1.3.9-1 cannot be satisfied in unstable on armel, mipsel, arm64, armhf, ppc64el, i386, s390x, mips64el, and amd64 because: unsatisfied dependency on librust-regex-dev (= 1.3.9-1)

Created: 2021-12-07 Last update: 2022-05-16 05:00

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2022-24713: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.

Created: 2022-03-09 Last update: 2022-03-22 13:04

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2022-24713: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.

Created: 2022-03-09 Last update: 2022-03-22 13:04

lintian reports 13 errors high

Lintian reports 13 errors about this package. You should make the package lintian clean getting rid of them.

Created: 2022-01-01 Last update: 2022-01-01 04:35

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2020-03-25 Last update: 2020-03-25 23:06

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.5.1).

Created: 2018-08-26 Last update: 2022-05-11 23:24

news

[2022-03-23] rust-regex 1.5.5-1 MIGRATED to testing (Debian testing watch)
[2022-03-16] Accepted rust-regex 1.5.5-1 (source) into unstable (Sylvestre Ledru)
[2021-12-11] rust-regex 1.5.4-1 MIGRATED to testing (Debian testing watch)
[2021-12-05] Accepted rust-regex 1.5.4-1 (source) into unstable (Sylvestre Ledru)
[2021-10-26] rust-regex 1.3.9-1 MIGRATED to testing (Debian testing watch)
[2021-10-23] Accepted rust-regex 1.3.9-1 (source) into unstable (Ximin Luo) (signed by: infinity0@debian.org)
[2021-03-23] Accepted rust-regex 1.3.8-1 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2020-04-23] rust-regex 1.3.7-1 MIGRATED to testing (Debian testing watch)
[2020-04-18] Accepted rust-regex 1.3.7-1 (source) into unstable (Ximin Luo) (signed by: infinity0@debian.org)
[2020-04-15] rust-regex 1.3.6-1 MIGRATED to testing (Debian testing watch)
[2020-03-25] Accepted rust-regex 1.3.6-1 (source) into unstable (Sylvestre Ledru)
[2020-03-24] Accepted rust-regex 1.3.1-1 (amd64 source) into unstable, unstable (Debian FTP Masters) (signed by: infinity0@debian.org)
[2020-03-20] rust-regex REMOVED from testing (Debian testing watch)
[2019-08-21] rust-regex 1.2.1-3 MIGRATED to testing (Debian testing watch)
[2019-08-16] Accepted rust-regex 1.2.1-3 (source) into unstable (Ximin Luo)
[2019-08-14] Accepted rust-regex 1.2.1-2 (source) into unstable (kpcyrd) (signed by: Sylvestre Ledru)
[2019-08-08] Accepted rust-regex 1.2.1-1 (source) into unstable (Ximin Luo)
[2019-03-07] rust-regex 1.1.0-1 MIGRATED to testing (Debian testing watch)
[2019-02-24] Accepted rust-regex 1.1.0-1 (source) into unstable (Robin Krahl) (signed by: Sylvestre Ledru)
[2018-10-26] rust-regex 1.0.5-1 MIGRATED to testing (Debian testing watch)
[2018-10-20] Accepted rust-regex 1.0.5-1 (source) into unstable (Sylvestre Ledru)
[2018-09-07] rust-regex 1.0.2-1 MIGRATED to testing (Debian testing watch)
[2018-08-16] Accepted rust-regex 1.0.2-1 (source amd64) into unstable (Sylvestre Ledru)
[2018-07-26] Accepted rust-regex 1.0.1-1 (source amd64) into unstable, unstable (Sylvestre Ledru)

bugs [bug history graph]

all: 0

links

homepage
lintian (13, 0)
buildd: logs, checks, clang, reproducibility, debcheck, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.5.4-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing