-
Notifications
You must be signed in to change notification settings - Fork 102
Yanked versions
Tom Kaitchuck edited this page Oct 23, 2023
·
8 revisions
Some versions on Crates.io have been yanked. Below is a listing as to why:
- The versions in
0.1.*
and0.2.*
below0.2.19
were yanked due to this issue which caused them to not compile with newer versions of theconst-random
package. - The versions in
0.3.*
that are below0.3.5
were yanked due to a subtle quality problem which could in theory be used by an adversary with full control over the input to produce a partial collision of the lower 32 bits of the hash by guessing with a 1 in 4096 chance. This is not likely be usable as a practical attack because aside from the probability, the Rust hashmap implementation by default uses the upper byte to resolve collisions without resorting to an equality comparison. Nevertheless the affected versions were yanked to avoid the possibility. - Versions
0.5.8
and0.6.0
were yanked due to compile errors when building for certain no-std platforms with the nightly version of the compiler. - Versions
0.4.2
through0.8.3
were yanked due to the discovery of an attack where if an attacker could control the contents of a string at least 128 bytes in length and could detect if there was an exact hash collision (Which is plausible via timing if it were precise enough and mitigations such as those in Rust's default HashMap were either not in place or were overwhelmed through brute force) then the attacker could calculate the value of an intermediate key which is used in the hashing of long strings. This in turn would allow them to generate an unlimited number of colliding strings for the target HashMap. If the same map / hasher were used for multiple calls this could form the basis of a practical DoS attack.