RUSTSEC-2020-0089: nanorand: nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers


In versions of nanorand prior to 0.5.1, RandomGen implementations for standard unsigned integers could fail to properly generate numbers, due to using bit-shifting to truncate a 64-bit number, rather than just an as conversion.

This often manifested as RNGs returning nothing but 0, including the cryptographically secure ChaCha random number generator..

More Info

Patched Versions