I published a patch for rustc-1.62 (1.62.1+dfsg1-1ubuntu0.22.04.2) on
Jammy in a PPA:
https://launchpad.net/~ruancomelli/+archive/ubuntu/rustc-1.62-release-
pocket-only-2/+sourcepub/18287875/+listing-archive-extra
Note that this PPA is set up to depend only on released dependencies
("Basic" dependencies), and NOT on -security ("Security") or -updates
("Default"). This is because the -security and -updates pockets contain
a newer version of cargo that gets pulled in during the build. This
newer cargo version is incompatible with rustc-1.62, causing a build
failure. By picking only the released dependencies, we ensure that the
cargo version that is used is compatible with rustc-1.62.
Also note that the self-build autopkgtest is still failing due to the
same reason. I will soon upload a new version
(1.62.1+dfsg1-1ubuntu0.22.04.3) with that autopkgtest removed, but
22.04.2 can already be uploaded if this autopkgtest is not required to
pass.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2145764
Title:
CVE-2026-33056: Vendored tar crate can chmod arbitrary directories by
following symlinks
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/2145764/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
