The Rust team shipped Rust 1.96.0, the latest stable compiler. Users with rustup can upgrade via `rustup update stable`; newcomers install rustup from the official site. Release notes detail the changes, and the team encourages testing future builds on the beta or nightly channels. Bug reports remain welcome.

Core library updates replace the legacy range types with copyable equivalents in the new `core::range` module. RFC3550’s design lets `Range`, `RangeFrom` and `RangeInclusive` implement `IntoIterator` instead of `Iterator`, eliminating the previous footgun. Developers can now store slice bounds in a `Copy` struct, simplifying APIs that expose range parameters.

The release adds assert_matches! and debug_assert_matches! macros that panic with a debug view when pattern matching fails, requiring manual import to avoid clashes. WebAssembly targets now treat undefined symbols as linker errors, tightening build‑time validation. Security patches address CVE‑2026‑5223 (symlink tarball extraction) and CVE‑2026‑5222 (URL authentication). Rust 1.96.0 strengthens safety and ergonomics for production code.

Two Cargo advisories ship with the update: CVE‑2026‑5223, a medium‑severity issue involving symlink extraction from crate tarballs, and CVE‑2026‑5222, a low‑severity URL normalization flaw. Both affect third‑party registries only; crates.io users are unaffected. The Rust project credits a broad contributor base for the release in 2024.