A security issue has been found in Cargo: on Unix platforms, the umask was ignored when extracting dependencies, potentially allowing other local users to inject malicious code. (CVE-2023-38497)

Rust 1.71.1 will be released later today with the fix.

ht…