HistoryEdit

RUSTSEC-2020-0159

Potential segfault in localtime_r invocations

Reported
Issued
Package
chrono (crates.io)
Type
Vulnerability
Categories
Keywords
#segfault
Details
https://github.com/chronotope/chrono/issues/499
Patched
  • >=0.4.20

Description

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References