Release date:
2026-07-09 20:18:24 UTC
Description:
* SECURITY UPDATE: symlink-directory collision chmod attack in vendored tar crate
- debian/patches/CVE-2026-33056.patch: use fs::symlink_metadata() instead of
fs::metadata() in unpack_dir so a pre-existing symlink is not treated as a
valid existing directory, preventing permission changes on directories
outside the extraction path
- CVE-2026-33056
Updated packages:
-
cargo1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:8f0e8e9a66e9778f4bdb44313f22543b671f8f5f
-
cargo1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:0aa3ca3d29c60c43bd937b314c80677143deb61c
-
libstd-rust1.86-1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:3af696a011cf5a5d7ab013f86c962bfe40f39fae
-
libstd-rust1.86-dev_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:63c06f1dacf7592c56832dd14380957557eb848e
-
rust1.86-all_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:4760341251d4e03559c8d006a5b0b4fd1a0ed5c1
-
rust1.86-analyzer_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:d60670f18dca616b2a851efd314afa3e409344ad
-
rust1.86-clippy_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:feced662d87c719c388cfc2b0b8fcde32ea759be
-
rust1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:abd8277b8f2feeb4f9ac42d3ecda5cb0f3c4e81c
-
rust1.86-gdb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:5e6e3b7e086ae621b73151cf07004ac0b83a9cf3
-
rust1.86-lldb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:a0d849cc8553865523844667bd8017e65ae612f3
-
rust1.86-llvm_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:e505e2cd66364959ee4a1c60028dd14a1d979319
-
rust1.86-src_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:3196e7ba1e2198b31834c5518382d5a9dbef32d9
-
rustc1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:3f43e5ad329fc7d54a070611c1e2ce2bfe5cc932
-
rustfmt1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_amd64.deb
sha:3beff525526fd3ab5f508e27dd63d3331e3a23b0
-
cargo1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:bb884618cdd3eba49dc898ddb72d508f37bab1b4
-
cargo1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:28673191460e125a7be13773f4705b105c707f0a
-
libstd-rust1.86-1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:dbccf996c99798a95f4b934b7a704ffe08bbd320
-
libstd-rust1.86-dev_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:3768e33f6b6ec69c2dfcf6ad2741b80bd5ffc9c1
-
rust1.86-all_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:4760341251d4e03559c8d006a5b0b4fd1a0ed5c1
-
rust1.86-analyzer_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:2b0f315376c1cfc6f5e58ed216b08d0f6ca247f7
-
rust1.86-clippy_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:1c662555f2b21ba7f86ba3b255a59f9e0d0408e3
-
rust1.86-doc_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:7d4f43d3b4704618e248332fbdecdeb8a205e502
-
rust1.86-gdb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:5e6e3b7e086ae621b73151cf07004ac0b83a9cf3
-
rust1.86-lldb_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:a0d849cc8553865523844667bd8017e65ae612f3
-
rust1.86-llvm_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:5bb14a1fef2869f43de86589f29ecd3cbbd668f9
-
rust1.86-src_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_all.deb
sha:3196e7ba1e2198b31834c5518382d5a9dbef32d9
-
rustc1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:6e61b78de62ffb730bce333e94cf1872754b0337
-
rustfmt1.86_1.86.0+dfsg1-1~bpo13+2+tuxcare.els5_arm64.deb
sha:1ac9d54e67e11e5b522b5064691ffeadcbcc3f65
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.