Debian Package Tracker
Register | Log in
Subscribe

rust-vm-memory

Safe abstractions for accessing the VM physical memory - Rust source code

Choose email to subscribe with

general
  • source: rust-vm-memory (main)
  • version: 0.16.1-4
  • maintainer: Debian Rust Maintainers (archive) (DMD)
  • uploaders: Liang Yan [DMD] – Fabian Grünbichler [DMD]
  • arch: any
  • std-ver: 4.6.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • stable: 0.10.0-3
  • testing: 0.16.1-4
  • unstable: 0.16.1-4
versioned links
  • 0.10.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.16.1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • librust-vm-memory-dev
action needed
lintian reports 2 warnings normal
Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2024-12-01 Last update: 2024-12-01 05:34
1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:
  • CVE-2023-41051: (needs triaging) In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the `VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref}` trait functions, which allows out-of-bounds memory access if the `VolatileMemory::get_slice` function returns a `VolatileSlice` whose length is less than the function’s `count` argument. No implementations of `get_slice` provided in `vm_memory` are affected. Users of custom `VolatileMemory` implementations may be impacted if the custom implementation does not adhere to `get_slice`'s documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the `VolatileSlice` returned by `get_slice` is of the correct length. Users are advised to upgrade. There are no known workarounds for this issue.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-09-02 Last update: 2025-02-27 05:02
debian/patches: 3 patches to forward upstream low

Among the 3 debian patches available in version 0.16.1-4 of the package, we noticed the following issues:

  • 3 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-04-16 Last update: 2024-12-02 08:00
Build log checks report 2 warnings low
Build log checks report 2 warnings
Created: 2022-04-25 Last update: 2024-12-01 03:00
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.6.1).
Created: 2024-04-07 Last update: 2025-02-27 13:24
news
[rss feed]
  • [2025-01-08] rust-vm-memory 0.16.1-4 MIGRATED to testing (Debian testing watch)
  • [2024-12-01] Accepted rust-vm-memory 0.16.1-4 (source) into unstable (Michael Tokarev)
  • [2024-11-30] Accepted rust-vm-memory 0.16.1-3 (source) into unstable (Michael Tokarev)
  • [2024-11-30] Accepted rust-vm-memory 0.16.1-2 (source) into unstable (Michael Tokarev)
  • [2024-11-30] Accepted rust-vm-memory 0.16.1-1 (source) into unstable (Michael Tokarev)
  • [2024-01-27] rust-vm-memory 0.14.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-01-21] Accepted rust-vm-memory 0.14.0-1 (source) into unstable (Peter Michael Green)
  • [2023-09-08] rust-vm-memory 0.12.2-1 MIGRATED to testing (Debian testing watch)
  • [2023-09-05] Accepted rust-vm-memory 0.12.2-1 (source) into unstable (Blair Noctis) (signed by: Michael Tokarev)
  • [2023-07-21] rust-vm-memory 0.12.0-2 MIGRATED to testing (Debian testing watch)
  • [2023-07-16] Accepted rust-vm-memory 0.12.0-2 (source) into unstable (Blair Noctis) (signed by: Michael Tokarev)
  • [2023-07-16] Accepted rust-vm-memory 0.12.0-1 (source) into unstable (Michael Tokarev)
  • [2023-05-09] rust-vm-memory 0.10.0-3 MIGRATED to testing (Debian testing watch)
  • [2023-04-18] Accepted rust-vm-memory 0.10.0-3 (source) into unstable (Peter Michael Green)
  • [2023-04-15] Accepted rust-vm-memory 0.10.0-2 (source) into unstable (Peter Michael Green)
  • [2023-04-14] Accepted rust-vm-memory 0.10.0-1 (source amd64) into unstable (Fabian Grünbichler) (signed by: Michael Tokarev)
  • [2022-10-28] rust-vm-memory 0.7.0-2 MIGRATED to testing (Debian testing watch)
  • [2022-05-21] Accepted rust-vm-memory 0.7.0-2 (source) into unstable (Sylvestre Ledru)
  • [2022-04-24] Accepted rust-vm-memory 0.7.0-1 (amd64 source) into unstable, unstable (Debian FTP Masters) (signed by: Sylvestre Ledru)
bugs [bug history graph]
  • all: 0
links
  • lintian (0, 2)
  • buildd: logs, checks, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.16.1-4

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing