Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RUSTSEC-2020-0159: Potential segfault in localtime_r invocations #786

Closed
github-actions bot opened this issue Oct 19, 2021 · 1 comment · Fixed by #830
Closed

RUSTSEC-2020-0159: Potential segfault in localtime_r invocations #786

github-actions bot opened this issue Oct 19, 2021 · 1 comment · Fixed by #830
Assignees
@jyhi

Comments

@github-actions
Copy link
Contributor

Potential segfault in localtime_r invocations

Details
Package chrono
Version 0.4.19
URL chronotope/chrono#499
Date 2020-11-10

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References

See advisory page for additional details.
@jyhi jyhi self-assigned this Nov 16, 2021
@jyhi jyhi added the P4 - Low label Nov 16, 2021
@jyhi
Copy link
Contributor

jyhi commented Nov 16, 2021

bee-common v0.4.1 -> v0.5.0: iotaledger/iota.rs#718 (comment)

@jyhi jyhi linked a pull request Dec 9, 2021 that will close this issue
Update dependencies #830
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jyhi jyhi

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update dependencies iotaledger/wallet.rs
1 participant
@jyhi