Update rustc to fix recent vulnerabilities.
|Reported by:||Owned by:|
In https://lore.kernel.org/lkml/20210502093123.GC12293@localhost/ several vulnerabilities in the rust standard library were identified. Distros such as fedora and debian appear to build rust with static libs, and take the view that all programs which use rust need to be recompiled after upgrading the compiler to fix this.
It appears that for the few rust packages which are in blfs that will not be necessary (they do not have problems at runtime it /opt/rustc is switched to a different version and the hashed name of the standard library is thus no-longer available, i.e. we think it is a build-time vulnerability for our packages).
One of the CVEs says it applies to rust before 1.53.0, but the fix has been backported to 1.51.0 (see fedora) and is apparently included in 1.52.0 which should be released in the next 24 hours.
At the moment, patched 1.51.0 builds everything in blfs which uses rust, but using unpatched 1.52.0 would be nicer if it too can build everything.