The Rust team has published a new point release of Rust, 1.34.2. Rust is a programming language that is empowering everyone to build reliable and efficient software.
If you have a previous version of Rust installed via rustup, getting Rust 1.34.2 is as easy as:
$ rustup update stable
If you don't have it already, you can get
rustup from the
appropriate page on our website.
What's in 1.34.2 stable
Sean McArthur reported a security vulnerability affecting the standard
library that caused the
Error::downcast family of methods
to perform unsound casts when a manual implementation of the
Error::type_id method returned the wrong
TypeId, leading to security issues such as out of bounds
Error::type_id method was recently stabilized as part
of Rust 1.34.0. This point release destabilizes it, preventing any code on
the stable and beta channels to implement or use it, awaiting future plans that
will be discussed in issue #60784.