Wasmtime GitHub notifications bot (May 19 2021 at 12:21): Wasmtime GitHub notifications bot (May 19 2021 at 12:21):tschneidereit opened issue #2913:
The Bytecode Alliance would like to announce the forthcoming release of Cranelift version
0.74.0 and Wasmtime 0.27.0.This release will be made available on 2020/05/21 at approximately 7:00 PM UTC at https://github.com/advisories
Cranelift 0.74.0 and Wasmtime 0.27.0 are security releases. The highest severity issue fixed in these releases is
CRITICAL, based on the classification scheme defined in the OpenSSL Security Policy.Note: an announcement about this upcoming release has been sent to the Bytecode Alliance's sec-announce mailing list. Subscribe to that list to receive updates about future security releases.
Wasmtime GitHub notifications bot (May 19 2021 at 12:24):tschneidereit labeled issue #2913:
The Bytecode Alliance would like to announce the forthcoming release of Cranelift version
0.74.0 and Wasmtime 0.27.0.This release will be made available on 2020/05/21 at approximately 7:00 PM UTC at https://github.com/advisories
Cranelift 0.74.0 and Wasmtime 0.27.0 are security releases. The highest severity issue fixed in these releases is
CRITICAL, based on the classification scheme defined in the OpenSSL Security Policy.Note: an announcement about this upcoming release has been sent to the Bytecode Alliance's sec-announce mailing list. Subscribe to that list to receive updates about future security releases.
Wasmtime GitHub notifications bot (May 19 2021 at 12:24):tschneidereit labeled issue #2913:
The Bytecode Alliance would like to announce the forthcoming release of Cranelift version
0.74.0 and Wasmtime 0.27.0.This release will be made available on 2020/05/21 at approximately 7:00 PM UTC at https://github.com/advisories
Cranelift 0.74.0 and Wasmtime 0.27.0 are security releases. The highest severity issue fixed in these releases is
CRITICAL, based on the classification scheme defined in the OpenSSL Security Policy.Note: an announcement about this upcoming release has been sent to the Bytecode Alliance's sec-announce mailing list. Subscribe to that list to receive updates about future security releases.
Wasmtime GitHub notifications bot (May 19 2021 at 12:24):tschneidereit labeled issue #2913:
The Bytecode Alliance would like to announce the forthcoming release of Cranelift version
0.74.0 and Wasmtime 0.27.0.This release will be made available on 2020/05/21 at approximately 7:00 PM UTC at https://github.com/advisories
Cranelift 0.74.0 and Wasmtime 0.27.0 are security releases. The highest severity issue fixed in these releases is
CRITICAL, based on the classification scheme defined in the OpenSSL Security Policy.Note: an announcement about this upcoming release has been sent to the Bytecode Alliance's sec-announce mailing list. Subscribe to that list to receive updates about future security releases.
Wasmtime GitHub notifications bot (May 21 2021 at 23:34):tschneidereit commented on issue #2913:
_(Update 21-May-2021)_ Security releases available
Cranelift versions 0.74.0 and 0.73.1, and Wasmtime 0.27.0 and 0.26.1 are now available on crates.io. Additionally, binary releases are available on Github for the Wasmtime C-API shared library and CLI for version 0.27.0, and version 0.26.1.
These releases fixing the following issue
Memory access due to code generation flaw in Cranelift module (Critical) (CVE-2021-32629)
This is a vulnerability in Cranelift which may be exploited through Cranelift embeddings, as described in our security advisory.
Impacts:
- Cranelift version 0.73.0 and Wasmtime version 0.26.0
Note: an announcement about these releases has been sent to the Bytecode Alliance's sec-announce mailing list. Subscribe to that list to receive updates about future security releases.
Wasmtime GitHub notifications bot (Jun 25 2021 at 11:55):tschneidereit commented on issue #2913:
Closing this issue as this has all long happened, and there's no further need for keeping it visible. For notifications about future security releases, please subscribe to the mailing list mentioned in the OP.
Wasmtime GitHub notifications bot (Jun 25 2021 at 11:55):tschneidereit closed issue #2913:
The Bytecode Alliance would like to announce the forthcoming release of Cranelift version
0.74.0 and Wasmtime 0.27.0.This release will be made available on 2020/05/21 at approximately 7:00 PM UTC at https://github.com/advisories
Cranelift 0.74.0 and Wasmtime 0.27.0 are security releases. The highest severity issue fixed in these releases is
CRITICAL, based on the classification scheme defined in the OpenSSL Security Policy.Note: an announcement about this upcoming release has been sent to the Bytecode Alliance's sec-announce mailing list. Subscribe to that list to receive updates about future security releases.
Last updated: Oct 23 2024 at 20:03 UTC