Compare commits
3 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 477fcd76e2 | |||
| e20d4d8c69 | |||
| 8f992957f7 |
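--- a/rsync-CVE-2025-10158.patch
+++ b/rsync-CVE-2025-10158.patch
@@ -0,0 +1,27 @@
+From 797e17fc4a6f15e3b1756538a9f812b63942686f Mon Sep 17 00:00:00 2001
+From: Andrew Tridgell <andrew@tridgell.net>
+Date: Sat, 23 Aug 2025 17:26:53 +1000
+Subject: [PATCH] fixed an invalid access to files array
+
+this was found by Calum Hutton from Rapid7. It is a real bug, but
+analysis shows it can't be leverged into an exploit. Worth fixing
+though.
+
+Many thanks to Calum and Rapid7 for finding and reporting this
+---
+sender.c | 2 ++
+1 file changed, 2 insertions(+)
+
+diff --git a/sender.c b/sender.c
+index a4d46c39e..b1588b701 100644
+--- a/sender.c
++++ b/sender.c
+@@ -262,6 +262,8 @@ void send_files(int f_in, int f_out)
+
+if (ndx - cur_flist->ndx_start >= 0)
+file = cur_flist->files[ndx - cur_flist->ndx_start];
++ else if (cur_flist->parent_ndx < 0)
++ exit_cleanup(RERR_PROTOCOL);
+else
+file = dir_flist->files[cur_flist->parent_ndx];
+if (F_PATHNAME(file)) {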
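Review bot: In the send_files() hunk the added `else if (cur_flist->parent_ndx < 0)` guard stops the negative-index read of `dir_flist->files`, but nothing in the visible lines bounds `parent_ndx` from above or checks `ndx - cur_flist->ndx_start` against the length of `cur_flist->files`. Presumably both are validated where `ndx` is read, outside this hunk, and that is worth confirming before treating the two added lines as the complete fix. The new branch also deserves a comment such as `/* peer referenced the parent entry of a list that has none: reject rather than index files[] with a negative value */`, because `exit_cleanup(RERR_PROTOCOL)` presumably reports only a generic protocol error and the reason for the rejection is not obvious from the code. send_files() begins and continues outside the hunk.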
@@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Dec 16 12:40:48 UTC 2025 - David Anes <david.anes@suse.com>
|
||||||
|
|
||||||
|
- Security update (CVE-2025-10158, bsc#1254441): rsync: Out of
|
||||||
|
bounds array access via negative index
|
||||||
|
- Add rsync-CVE-2025-10158.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Mar 28 13:58:41 UTC 2025 - Friedrich Haubensak <hsk17@mail.de>
|
Fri Mar 28 13:58:41 UTC 2025 - Friedrich Haubensak <hsk17@mail.de>
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package rsync
|
# spec file for package rsync
|
||||||
#
|
#
|
||||||
# Copyright (c) 2025 SUSE LLC
|
# Copyright (c) 2025 SUSE LLC and contributors
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@@ -61,6 +61,9 @@ Patch3: rsync-run-dir.patch
|
|||||||
Patch5: rsyncd-return-from-list-command-with-0.patch
|
Patch5: rsyncd-return-from-list-command-with-0.patch
|
||||||
# https://github.com/RsyncProject/rsync/pull/716
|
# https://github.com/RsyncProject/rsync/pull/716
|
||||||
Patch6: rsync341-gcc15-bool.patch
|
Patch6: rsync341-gcc15-bool.patch
|
||||||
|
# bsc#1254441, CVE-2025-10158: rsync: Out of bounds array access via negative index
|
||||||
|
# https://github.com/RsyncProject/rsync/commit/797e17fc4a6f15e3b1756538a9f812b63942686f
|
||||||
|
Patch7: rsync-CVE-2025-10158.patch
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: c++_compiler
|
BuildRequires: c++_compiler
|
||||||
|
|||||||
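Review bot: `Patch7: rsync-CVE-2025-10158.patch` is only declared in the second hunk, and the `%prep` section that applies patches is outside the visible lines. If the spec applies patches individually instead of through `%autosetup` or `%autopatch`, the CVE fix would ship in the source package without ever being applied to sender.c. Confirming from the build log that the patch is applied would close that gap.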