An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption. https://rustsec.org/advisories/RUSTSEC-2021-0124.html https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/tokio/RUSTSEC-2021-0124.md
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012931.html
Created 389-ds-base tracking bugs for this issue: Affects: fedora-all [bug 2143524] Created aardvark-dns tracking bugs for this issue: Affects: fedora-all [bug 2143522] Created netavark tracking bugs for this issue: Affects: fedora-all [bug 2143523]
Hi Sandipan, None of the aardvark/netavark is using `oneshot` directly but our deps could be using it but our tokio version is `1.21.2` which newer than the versions listed above. So I think `netavark` and `aardvark` are not affected by this. Thanks Aditya