bjoernager/rust
bjoernager/rust
1
Fork 0
Code Issues Pull requests Activity

Backport 1.27.1 release notes to master

Browse source
This commit is contained in:
Mark Rousskov 2018-07-12 09:23:00 -06:00
parent d334027c58
commit 4c340a28ad
1 changed files with 23 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

23
RELEASES.md
View file

@ -140,6 +140,29 @@ Compatibility Notes
[`{Any + Send + Sync}::downcast_ref`]: https://doc.rust-lang.org/std/any/trait.Any.html#method.downcast_ref-2 [`{Any + Send + Sync}::downcast_ref`]: https://doc.rust-lang.org/std/any/trait.Any.html#method.downcast_ref-2
[`{Any + Send + Sync}::is`]: https://doc.rust-lang.org/std/any/trait.Any.html#method.is-2 [`{Any + Send + Sync}::is`]: https://doc.rust-lang.org/std/any/trait.Any.html#method.is-2
Version 1.27.1 (2018-07-10)
===========================
Security Notes
--------------
- rustdoc would execute plugins in the /tmp/rustdoc/plugins directory
when running, which enabled executing code as some other user on a
given machine. This release fixes that vulnerability; you can read
more about this on the [blog][rustdoc-sec]. The associated CVE is [CVE-2018-1000622].
Thank you to Red Hat for responsibily disclosing this vulnerability to us.
Compatibility Notes
-------------------
- The borrow checker was fixed to avoid an additional potential unsoundness when using
match ergonomics: [#51415][51415], [#49534][49534].
[51415]: https://github.com/rust-lang/rust/issues/51415
[49534]: https://github.com/rust-lang/rust/issues/49534
[rustdoc-sec]: https://blog.rust-lang.org/2018/07/06/security-advisory-for-rustdoc.html
[CVE-2018-1000622]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=%20CVE-2018-1000622
Version 1.27.0 (2018-06-21) Version 1.27.0 (2018-06-21)
========================== ==========================