Skip to content

Rust 1.58 solves command execution vulnerability #2027

New issue
New issue
Open
Open
Rust 1.58 solves command execution vulnerability#2027
Labels
waiting-on-msrvWe wait for a MSRV bump to be necessary for other reasons than what the issue is about.
@sharkdp

Description

@sharkdp
sharkdp
opened on Jan 15, 2022

The Rust 1.58 release notes (https://blog.rust-lang.org/2022/01/13/Rust-1.58.0.html#reduced-windows-command-search-path) mention, that the problem with command execution on Windows that lead to #1472 / CVE-2021-36753 have now been fixed.

This should allow us to remove the custom ripgrep-based bugfix (#1724) once we switch to Rust 1.58.

Metadata

Metadata

Assignees

No one assigned

    Labels

    waiting-on-msrvWe wait for a MSRV bump to be necessary for other reasons than what the issue is about.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions