It looks like these CVEs affect all versions up to 1.52 (which is not yet released).
Do you have links to patches fixing these bugs that can be backported to 1.48? We've had 1.48 for a while due to the migration freeze, and I've been informed that some rust packages in Debian break with newer versions of rustc and will need themselves to be updated - so I'd rather not force that during the freeze, I'd rather backport security fixes to 1.48. Best, Ximin Moritz Muehlenhoff: > Package: rustc > Severity: grave > Tags: security > X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> > > _______________________________________________ > Pkg-rust-maintainers mailing list > pkg-rust-maintain...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-rust-maintainers > -- GPG: ed25519/56034877E1F87C35 https://github.com/infinity0/pubkeys.git
