Source: rust-tokio
Version: 1.43.0-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/tokio-rs/tokio/pull/7232
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi

As reported in https://github.com/tokio-rs/tokio/pull/7232 and
https://rustsec.org/advisories/RUSTSEC-2025-0023.html:

| The broadcast channel internally calls clone on the stored value when
| receiving it, and only requires T:Send. This means that using the
| broadcast channel with values that are Send but not Sync can trigger
| unsoundness if the clone implementation makes use of the value being
| !Sync.

iegards,
Salvatore

Reply via email to