Page MenuHomeFreeBSD

lang/rust: update to 1.29.1
ClosedPublic

Authored by jbeich on Sep 27 2018, 1:26 PM.

Details

Summary

According to upstream diff and notes it only carries a small security fix. While fix is in standard library because Rust (like Go) defaults to static linking every consumer has to be rebuilt.

Test Plan
  • poudriere bulk -t lang/rust is green on 10.4 i386/amd64, 11.1 i386/amd64, 11.2 i386/amd64, 12.0 i386/amd64
  • poudriere bulk -tj 112amd64 -f rust-consumers.list is green except security/kr which fails for what looks like an unrelated issue.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

I was going to suggest the same once 1.29.1 has landed. I believe @dumbbell is already working on updating lang/rust (see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230470#c6).

Please bump the minimum version in cargo.mk too. It's long overdue anyway.

jbeich edited the summary of this revision. (Show Details)
jbeich edited the test plan for this revision. (Show Details)
  • Bump required version for USES=cargo to make sure consumers get the fix
  • Mark testing as done

Hi!

I tested (poudriere testport) a similar patch to lang/rust on 10.4 and 11.1, both amd64 and i386, and it works.

I will continue to look into LibreSSL support, but you can commit this already :-) Thank you!

This revision is now accepted and ready to land.Sep 28 2018, 8:26 AM
Mk/Uses/cargo.mk
49 ↗(On Diff #48531)

Rust < 1.29 doesn't appear to be affected, so the change is unnecessary. Let's go with D17346 instead.

$ rustc -vV
rustc 1.26.2
binary: rustc
commit-hash: unknown
commit-date: unknown
host: i686-unknown-freebsd
release: 1.26.2
LLVM version: 6.0

$ rustc a.rs

$ ./a
thread 'main' panicked at 'capacity overflow: CapacityOverflow', libcore/result.rs:945:5
note: Run with `RUST_BACKTRACE=1` for a backtrace.
Mk/Uses/cargo.mk
49 ↗(On Diff #48531)

The announcement on rustlang-security-announcements [1] says that Rust >= 1.26.0 is affected.

[1] https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0

This revision was automatically updated to reflect the committed changes.
jbeich marked an inline comment as done.