RUSTSEC-2020-0159: Potential segfault in `localtime_r` invocations
github-actions opened this issue · 1 comments
github-actions commented
Potential segfault in
localtime_rinvocations
| Details | |
|---|---|
| Package | chrono |
| Version | 0.4.19 |
| URL | chronotope/chrono#499 |
| Date | 2020-11-10 |
Impact
Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.
Workarounds
No workarounds are known.
References
See advisory page for additional details.
Forsworns commented