The Rust team has released version 1.96.1, which includes critical patches for Cargo and fixes for a compiler miscompilation bug. This release addresses three CVEs in the libssh2 library, which Cargo uses for SSH transport, protecting users from serious vulnerabilities such as heap over-reads and CPU exhaustion attacks. In light of OpenAI joining the Rust Foundation as a platinum member, the language continues to grow in modern infrastructure and cloud computing. The update process is straightforward for users tracking the toolchain via rustup, and it's essential for anyone using SSH-based workflows to patch immediately due to the vulnerabilities

Rust 1.96.1 Released: Critical Cargo Security Patches and Compiler Fix

The Rust team has released version 1.96.1, addressing a compiler miscompilation bug in the MIR optimization pass and a silent failure issue in Cargo's HTTP client. The most critical updates include three CVEs patched in libssh2, which Cargo bundles for SSH transport, protecting users from heap over-reads, out-of-bounds writes, and CPU exhaustion attacks. This point release lands as OpenAI recently joined the Rust Foundation as a platinum member, cementing the language's growing footprint in modern infrastructure and cloud computing. 

Rust 1.96.1 Released: Critical Cargo Security Patches and Compiler Fix @ Linux Compatible