Recommended update for rust, rust1.68

Announcement ID:	SUSE-RU-2023:2088-1
Rating:	moderate
References:	bsc#1209839 jsc#SLE-18626
Affected Products:	Development Tools Module 15-SP4 openSUSE Leap 15.4 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Real Time 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3

An update that contains one feature and has one fix can now be installed.

Description:

This update for rust, rust1.68 fixes the following issues:

Changes in rust1.68:

• bsc#1209839 - replace leaked github keys in rust/cargo

Version 1.68.2 (2023-03-28)

• Update the GitHub RSA host key bundled within Cargo The key was rotated by GitHub (https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/) on 2023-03-24 after the old one leaked.
• Mark the old GitHub RSA host key as revoked](https://github.com/rust-lang/cargo/pull/11889). This will prevent Cargo from accepting the leaked key even when trusted by the system.
• Add support for @revoked and a better error message for @cert-authority in Cargo's SSH host key verification
• Fix miscompilation in produced Windows MSVC artifacts This was introduced by enabling ThinLTO for the distributed rustc which led to miscompilations in the resulting binary. Currently this is believed to be limited to the -Zdylib-lto flag used for rustc compilation, rather than a general bug in ThinLTO, so only rustc artifacts should be affected.
• Fix --enable-local-rust builds
• Treat $prefix-clang as clang in linker detection code
• Fix panic in compiler code

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-2088=1
• Development Tools Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-2088=1

Package List:

• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  • rust1.68-debuginfo-1.68.2-150400.9.10.2
  • cargo1.68-1.68.2-150400.9.10.2
  • cargo1.68-debuginfo-1.68.2-150400.9.10.2
• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
  • rust1.68-1.68.2-150400.9.10.2
• Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  • rust1.68-debuginfo-1.68.2-150400.9.10.2
  • cargo1.68-1.68.2-150400.9.10.2
  • cargo1.68-debuginfo-1.68.2-150400.9.10.2
• Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
  • rust1.68-1.68.2-150400.9.10.2

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1209839
• https://jira.suse.com/browse/SLE-18626