The Ubuntu 25.10 transition to using some Rust system utilities continues proving quite rocky. Beyond some early performance issues with Rust Coreutils, breakage for some executables, and broken unattended upgrades due to a Rust Coreutils bug, it’s also sudo-rs now causing Ubuntu developers some headaches. There are two moderate security issues affecting sudo-rs, the Rust version of sudo being used by Ubuntu 25.10.
Yeah, what I was saying was that rather than the basic take URL and just put the file on the filesystem use case (which is in the common case not that difficult with stuff like
reqwestorhyper), the other use cases where you for instance use the library to process requests and their responses in non-default or potentially bizarre ways is more likely where there’d be an issue. When I said “extra processing” for requests, I was including for instance potentially dealing with TLS and interactions between underlying libraries and so on with all the various protocols curl supports.