Today Rust 1.77.2 was released to address a security flaw. The flaw relates to how Command input is sanitized in the standard library for Windows build targets. Gentoo does not ship the Windows build targets as part of its ebuilds, and thus is not vulnerable to this CVE. For more information, see the Rust blog: https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html Reproducible: Always
We can close this ticket as INVALID. I filed it at the suggestion of our pal Sam James so that we can have a documented record describing why we don't need to bump the version in Gentoo.