Your message dated Sat, 16 May 2026 17:49:31 +0000
with message-id <[email protected]>
and subject line Bug#1122195: fixed in rust-maxminddb 0.28.1-2
has caused the Debian Bug report #1122195,
regarding rust-maxminddb: RUSTSEC-2025-0132
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1122195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122195
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: rust-maxminddb
Version: 0.24.0-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/oschwald/maxminddb-rust/issues/86
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi
See
https://rustsec.org/advisories/RUSTSEC-2025-0132.html
https://github.com/advisories/GHSA-mj73-j457-8x9q
| maxminddb prior to version 0.27 declared Reader::open_mmap as safe
| despite wrapping an inherently unsafe memmap2 operation with no extra
| step done to guarantee safety. This could have led to undefined
| behaviour if the file were to be modified on disk while the memory map
| was still active.
Report:
https://github.com/oschwald/maxminddb-rust/issues/86
Fixed by:
https://github.com/oschwald/maxminddb-rust/commit/98f0e4fff9678c841ed33f3b8a46322f6163c32a
Regards,
Salvatore
-- System Information:
Debian Release: forky/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.17.8+deb14-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Source: rust-maxminddb
Source-Version: 0.28.1-2
Done: Peter Michael Green <[email protected]>
We believe that the bug you reported is fixed in the latest version of
rust-maxminddb, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Peter Michael Green <[email protected]> (supplier of updated rust-maxminddb
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 16 May 2026 16:38:35 +0000
Source: rust-maxminddb
Architecture: source
Version: 0.28.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
<[email protected]>
Changed-By: Peter Michael Green <[email protected]>
Closes: 1122195
Changes:
rust-maxminddb (0.28.1-2) unstable; urgency=medium
.
* Team upload.
* Package maxminddb 0.28.1 from crates.io using debcargo 2.8.2
* Upload to unstable (Closes: #1122195)
* Set test_is_broken = true for the all features test.
Checksums-Sha1:
18ddadbf9bee8c08f3bf26ef69e98894bb3bf6f8 2604 rust-maxminddb_0.28.1-2.dsc
1a62f3bdd175eb549cdd7af6e5a1b36f5e8338f6 5308
rust-maxminddb_0.28.1-2.debian.tar.xz
32b489a203c52a9199ab4599407d9c3533698b14 9087
rust-maxminddb_0.28.1-2_source.buildinfo
Checksums-Sha256:
39dcd6b0c9f7a56acafb723188b5fde6130597429309ae7bb8943fe6524fa11c 2604
rust-maxminddb_0.28.1-2.dsc
6cfa8556081eca56135069975da1cf756821bd4d6b22d7370fa24a6859ecf576 5308
rust-maxminddb_0.28.1-2.debian.tar.xz
4c206f81eccf03adca27a02eb7157e7112ec71dcc23fb11e67c02894cf0f5664 9087
rust-maxminddb_0.28.1-2_source.buildinfo
Files:
8965d2f862ccbe570dcaa313317d8fd6 2604 rust optional rust-maxminddb_0.28.1-2.dsc
0d69c800668feea4e5af0406e381210d 5308 rust optional
rust-maxminddb_0.28.1-2.debian.tar.xz
4a881f81e8fadc17ca4cae7ef56db897 9087 rust optional
rust-maxminddb_0.28.1-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEU0DQATYMplbjSX63DEjqKnqP/XsFAmoIqlEUHHBsdWd3YXNo
QGRlYmlhbi5vcmcACgkQDEjqKnqP/Xvk8Q//bTQwCKBYsYesc8mTWLBfKxaWq5tM
2n6bX9Ivh5nJaApCvow3HhwJdqiHHPwkxeBs/lcUV0q7OB4LbcZGWncHdNHYCdiy
hRxx1REOjQh+unol/00mlqnN1+NIUwFyjiu+ZDsvmTPQJAW70cM+Zl9vaolvHGxX
CCiIcd/Syy7ES5G65wZxZ4HH75p2Nz8/5zzPmQz4zV/bTyjtOnN3AQAU2sO4yUgn
9BU8mbwgyfQ74F5IalnJ2Ew5t8+K42YgiekoMIlswUTQ6ns/8rXp2idiC+pHNmQ/
tixXVj2DqcX6AqLt7F4Z03FZbLg76QMgnCWfDbmeVLMg/e4dX+V4+6RYU9c5UmRk
7XZvuo/tx41iq2euAGtwI+pYFgLDM1vjPs4tQ8XtEQ5MnlkagAjYP9IDrcENQJjV
GBgwwNZ2gVu4LP27u88YbUTWakLOFY9Iwo/4gvW+b4D8OoIKlhWzyOy0qZ/aWPcc
KwdbrM516qaCUcmYsjBjIKcL7w1l+iivMsNJ4pPti0XVts8LIFCegEPPTrWZe8EL
qGNRD9oTjmHJ+LxcRmrlOPGzC73FHaN4YeojYtD0Tvqh3bFO0h4jVOgtUMhytHSt
ZNrOBG0tzQxPXjjG5kpZZp4m7qaubNENzLVzbvPxEEand6Ag5RWen47vBYyR5wz3
nBgDa7dqF1eneQU=
=gERd
-----END PGP SIGNATURE-----
pgpSEpob9wIXP.pgp
Description: PGP signature
--- End Message ---
