This Week in Rust 507 (this-week-in-rust.org)
Security advisory for Cargo (CVE-2023-38497) | Rust Blog (blog.rust-lang.org)
The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
![](https://kbin.social/media/cache/resolve/entry_thumb/08/8e/088e62b44d8a946015e2fb1378ef6866c3e1b059107b67e7391d7b1c7ca7c40b.jpg)
This Week in Rust 506 (this-week-in-rust.org)
This Week in Rust 505 (this-week-in-rust.org)
This Week in Rust 504 (this-week-in-rust.org)
Rustc Trait System Refactor Initiative Update | Inside Rust Blog (blog.rust-lang.org)
![](https://kbin.social/media/cache/resolve/entry_thumb/08/8e/088e62b44d8a946015e2fb1378ef6866c3e1b059107b67e7391d7b1c7ca7c40b.jpg)
This Week in Rust 503 (this-week-in-rust.org)
RFC3355 "Start working on a Rust specification" accepted (github.com)
The Foundation is planning to hire a technical editor / project manager for somewhere between 6 and 9 months.
![](https://kbin.social/media/cache/resolve/entry_thumb/bd/5f/bd5fc4b9aaea723add2db1a2e90bdf64e2c89ad5e0e5622767e6de03382cd303.png)
This Week in Rust 502 (this-week-in-rust.org)
GitHub org for Rust jobs (github.com)
Following the odyssey mentioned in https://lemmyrs.org/post/87787 and the discussion with users.rust-lang.org mods, I have concluded that the simplest and most sustainable way to solve this is a GitHub org where companies can post jobs and regular Rust developers on GitHub participate in moderation. GitHub provides different...
![](https://kbin.social/media/cache/resolve/entry_thumb/78/3b/783bce8210ef20b1eded7cda7fec63f7f3948e8a25263c78a6f2bd4623aec7ad.png)