[Pkg-rust-maintainers] Bug#1034374: Bug#1034374: RUSTSEC-2023-0031
Peter Green
plugwash at debian.org
Fri Apr 14 00:31:57 BST 2023
>
> https://rustsec.org/advisories/RUSTSEC-2023-0031.html
> https://github.com/mvdnes/spin-rs/issues/148
0123456789001234567890012345678900123456789001234567890012345678900123456789001234567890
https://codesearch.debian.net/search?q=try_call_once&literal=1 returns 8 results.
4 in rust-pnce-cell and 4 in clamav.
One result is a changelog entry.
One result is the definition of try_call_once
One result is the definition of call_once, this uses try_call_once but afaict it uses it
in a way that is not affected by this issue.
the final result is example code.
The 4 in clamav are an embedded copy of the spin crate, and are the same as above.
My conclusion is this does not affect any software in Debian. Nevertheless I intend
to upload a patched version to unstable and request an unblock.
More information about the Pkg-rust-maintainers
mailing list