From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sundeep.kokkonda@windriver.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 74BBCC46467
	for <webhook@archiver.kernel.org>; Mon, 16 Jan 2023 15:20:58 +0000 (UTC)
Subject: Re: [PATCH] rust: Upgrade 1.66.0 -> 1.66.1
To: openembedded-core@lists.openembedded.org
From: "Kokkonda, Sundeep" <sundeep.kokkonda@windriver.com>
X-Originating-Location: Belgaum, Karnataka, IN (103.197.112.48)
X-Originating-Platform: Windows Chrome 108
User-Agent: GROUPS.IO Web Poster
MIME-Version: 1.0
Date: Mon, 16 Jan 2023 07:20:52 -0800
References: <17490.1673869297796319682@lists.openembedded.org>
In-Reply-To: <17490.1673869297796319682@lists.openembedded.org>
Message-ID: <17490.1673882452401971192@lists.openembedded.org>
Content-Type: multipart/alternative; boundary="HOqOWn0yiHlyNuCKqfST"
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Mon, 16 Jan 2023 15:20:58 -0000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/175995

--HOqOWn0yiHlyNuCKqfST
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Rust community said the security fixes are only for the current stable rela=
ses.
https://internals.rust-lang.org/t/cargo-cve-2022-46176-fix-for-older-releas=
es/18152/3?u=3Dsundeep-kokkonda
For old release we've to backport the patches ourselves.

So, for the Kirkstone & Langdale we've to back port the CVE fix.

--HOqOWn0yiHlyNuCKqfST
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Rust community said the security fixes are only for the current stable rela=
ses.<br /><a href=3D"https://internals.rust-lang.org/t/cargo-cve-2022-46176=
-fix-for-older-releases/18152/3?u=3Dsundeep-kokkonda" target=3D"_blank" rel=
=3D"noopener">https://internals.rust-lang.org/t/cargo-cve-2022-46176-fix-fo=
r-older-releases/18152/3?u=3Dsundeep-kokkonda</a><br />For old release we'v=
e to backport the patches ourselves.<br /><br />So, for the Kirkstone &amp;=
 Langdale we've to back port the CVE fix.

--HOqOWn0yiHlyNuCKqfST--