Upcoming Security Release for Wasmtime on 2024-10-09
44 views
Skip to first unread message
Alex Crichton
Oct 3, 2024, 12:51:01 PMOct 3
to sec-an...@bytecodealliance.org
The Wasmtime project would like to announce a forthcoming security
release of Wasmtime.
The release will be made available on 2024-10-09 at approximately 19:00 UTC. Additionally, an advisory will be made available on the same date and time at https://github.com/advisories.
The highest severity issue fixed in this release is MODERATE based on the classification scheme defined by CVSS.
The release will be made available on 2024-10-09 at approximately 19:00 UTC. Additionally, an advisory will be made available on the same date and time at https://github.com/advisories.
The highest severity issue fixed in this release is MODERATE based on the classification scheme defined by CVSS.
Alex Crichton
Oct 9, 2024, 2:36:19 PMOct 9
to sec-an...@bytecodealliance.org
[Update 2024-10-09] Security releases available
Wasmtime versions 21.0.2, 22.0.1, 23.0.3, 24.0.1, and 25.0.2 are now available on crates.io. Additionally, binary releases are available on Github for the Wasmtime C-API shared library and CLI at https://github.com/bytecodealliance/wasmtime/releases.
This release fixes the following security issues rated LOW:
Wasmtime versions 21.0.2, 22.0.1, 23.0.3, 24.0.1, and 25.0.2 are now available on crates.io. Additionally, binary releases are available on Github for the Wasmtime C-API shared library and CLI at https://github.com/bytecodealliance/wasmtime/releases.
This release fixes the following security issues rated MODERATE:
Runtime crash when combining tail calls with stack traces
Race condition could lead to WebAssembly control-flow integrity and type safety violations
Reply all
Reply to author
Forward
0 new messages