pool/rsync
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 832048 from home:pmonrealgonzalez:branches:network

Browse Source 
- Security fix: [bsc#1176160, CVE-2020-14387]
  * rsync-ssl: Verify the hostname in the certificate when using openssl.
- Add rsync-CVE-2020-14387.patch

OBS-URL: https://build.opensuse.org/request/show/832048
OBS-URL: https://build.opensuse.org/package/show/network/rsync?expand=0&rev=82
This commit is contained in:
Pedro Monreal Gonzalez 2020-09-04 10:56:00 +00:00 committed by Git OBS Bridge
parent 9bf6fec739
commit 4bbb3e29bd
3 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
rsync-CVE-2020-14387.patch Normal file
View File

@ -0,0 +1,15 @@
X-Git-Url: http://git.samba.org/?p=rsync.git;a=blobdiff_plain;f=rsync-ssl;h=46701af160ecff16680b30faf6a1f325fac62359;hp=8101975ac6ef1e9e683e6658a61e49fbe02c5f52;hb=c3f7414;hpb=4c4fce51072c9189cfb11b52aa54fed79f5741bd
diff --git a/rsync-ssl b/rsync-ssl
index 8101975a..46701af1 100755
--- a/rsync-ssl
+++ b/rsync-ssl
@@ -129,7 +129,7 @@ function rsync_ssl_helper {
fi
if [[ $RSYNC_SSL_TYPE == openssl ]]; then
- exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port
+ exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port
elif [[ $RSYNC_SSL_TYPE == gnutls ]]; then
exec $RSYNC_SSL_GNUTLS --logfile=/dev/null $gnutls_cert_opt $gnutls_opts $hostname:$port
else

7
rsync.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Fri Sep 4 10:25:17 UTC 2020 - Pedro Monreal <pmonreal@suse.com>
- Security fix: [bsc#1176160, CVE-2020-14387]
* rsync-ssl: Verify the hostname in the certificate when using openssl.
- Add rsync-CVE-2020-14387.patch
-------------------------------------------------------------------
Fri Aug 7 06:47:00 UTC 2020 - Ismail Dönmez <idonmez@suse.com>

2
rsync.spec
View File

@ -42,6 +42,7 @@ Source10: http://rsync.samba.org/ftp/rsync/src/rsync-%{version}.tar.gz.asc
Source11: http://rsync.samba.org/ftp/rsync/src/rsync-patches-%{version}.tar.gz.asc
Source12: %{name}.keyring
Patch0: rsync-no-libattr.patch
Patch1: rsync-CVE-2020-14387.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: c++_compiler
@ -78,6 +79,7 @@ rm -f zlib/*.h
patch -p1 < patches/slp.diff
%patch0 -p1
%patch1 -p1
%build
autoreconf -fiv