Release date:
2026-07-09 20:26:25 UTC
Description:
* SECURITY UPDATE: symlink-directory collision chmod attack in vendored tar crate
- debian/patches/CVE-2026-33056.patch: use fs::symlink_metadata() instead of
fs::metadata() in unpack_dir so a pre-existing symlink is not treated as a
valid existing directory, preventing permission changes on directories
outside the extraction path
- CVE-2026-33056
Updated packages:
-
cargo1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:58036cbcdfd63ab4266ccea13b812771a98662cc
-
cargo1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:ddc880514ef535f8b270c2d0d53626df7e5b0c52
-
libstd-rust1.86-1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:0f4399c6a25464a44c1de5e5cd6715d1f5358b35
-
libstd-rust1.86-dev_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:6f6bb41f4c6a145962844963360ac8cc1b424030
-
rust1.86-all_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:8bd0d8013ff33fb5bb63ec094c3519c740a7f755
-
rust1.86-analyzer_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:678c056aeeafdaf356072161dfc596e85bae5c46
-
rust1.86-clippy_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:2427fbc2f08fe1bc5219da4f952227bef64f0a8a
-
rust1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:dd5ce6abf8f8e84b58447902b9d889a783e7f3ab
-
rust1.86-gdb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:62f07b01cbb7da2a67c8e5405857d6451fc83c74
-
rust1.86-lldb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:3ccf698cf8f32c43e9414e82ee00e7b80c918150
-
rust1.86-llvm_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:7ea1d1e9617c626c6c7d789623887f22ac0c4085
-
rust1.86-src_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:bebd422155b4818d9d4b8c99d46db328c5347a4a
-
rustc1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:8e73bb4a8b8652a7f4f28b5e44c13b1fb6b3a149
-
rustfmt1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:d97ae81867af55d2eec585214dbe13973ec018db
-
cargo1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:4c973d6402d36e9381cceed14425929c3772195b
-
cargo1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:926920b6610c964fdb29c0b08446863784a83935
-
libstd-rust1.86-1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:4d7c8e34e6f577908fab313035242f9b02969de5
-
libstd-rust1.86-dev_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:e1717994b7480004e2bb011ac6d3a6e491a15b47
-
rust1.86-all_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:8bd0d8013ff33fb5bb63ec094c3519c740a7f755
-
rust1.86-analyzer_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:d18d815f262ae3145fd5ce51e3cc9bbd8020446f
-
rust1.86-clippy_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:9f7a73d40216651643a1cef2be5a4e2da173e7ad
-
rust1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:00b883c2777e058a5a28ff99df70d876ceff7e62
-
rust1.86-gdb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:62f07b01cbb7da2a67c8e5405857d6451fc83c74
-
rust1.86-lldb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:3ccf698cf8f32c43e9414e82ee00e7b80c918150
-
rust1.86-llvm_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:a9848c196d66c7b90db5db440003e312adddce5b
-
rust1.86-src_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:bebd422155b4818d9d4b8c99d46db328c5347a4a
-
rustc1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:33993a7bfddd1a2d120e1f559c319e2b097ad37c
-
rustfmt1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:63b29fabf35f0af54cd5097ad90565c8a01211b6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.