Skip to content

Commit

Permalink
Auto merge of #114410 - pietroalbini:pa-cve-2023-38497-stable, r=piet…
Browse files Browse the repository at this point in the history
…roalbini

[stable] Update point release to fix CVE-2023-38497

This PR fixes CVE-2023-38497 on stable, by updating Cargo to a fixed version.

r? `@ghost`
cc `@rust-lang/release`
  • Loading branch information
bors committed Aug 3, 2023
2 parents 7c79013 + 64611e1 commit eb26296
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions RELEASES.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
Version 1.71.1 (2023-08-03)
===========================

- [Fix CVE-2023-38497: Cargo did not respect the umask when extracting dependencies](https://github.com/rust-lang/cargo/security/advisories/GHSA-j3xp-wfr4-hx87)
- [Fix bash completion for users of Rustup](https://github.com/rust-lang/rust/pull/113579)
- [Do not show `suspicious_double_ref_op` lint when calling `borrow()`](https://github.com/rust-lang/rust/pull/112517)
- [Fix ICE: substitute types before checking inlining compatibility](https://github.com/rust-lang/rust/pull/113802)
Expand Down

0 comments on commit eb26296

Please sign in to comment.