rsync/rsync-patches-3.3.0.tar.gz.asc at 04926b0b741ae28f9e4baf9d5d20af0cd08c29f2192cbc016022b1ec38114eac - rsync - openSUSE Gitea

pool/rsync

SHA256

Angel Yankov 04926b0b74 - Security update,CVE-2024-12747, bsc#1235475 race condition in handling symbolic links

* Added rsync-CVE-2024-12747.patch

- Security update, fix multiple vulnerabilities:
  * CVE-2024-12084, bsc#1234100 - Heap Buffer Overflow in Checksum Parsing
  * CVE-2024-12085, bsc#1234101 - Info Leak via uninitialized Stack contents defeats ASLR
  * CVE-2024-12086, bsc#1234102 - Server leaks arbitrary client files
  * CVE-2024-12087, bsc#1234103 - Server can make client write files outside of destination directory using symbolic links
  * CVE-2024-12088, bsc#1234104 - --safe-links Bypass
  * Added rsync-CVE-2024-12084-overflow-01.patch
  * Added rsync-CVE-2024-12084-overflow-02.patch
  * Added rsync-CVE-2024-12085.patch
  * Added rsync-CVE-2024-12086_01.patch
  * Added rsync-CVE-2024-12086_02.patch
  * Added rsync-CVE-2024-12086_03.patch
  * Added rsync-CVE-2024-12086_04.patch
  * Added rsync-CVE-2024-12087_01.patch
  * Added rsync-CVE-2024-12087_02.patch
  * Added rsync-CVE-2024-12088.patch

OBS-URL: https://build.opensuse.org/package/show/network/rsync?expand=0&rev=129

2025-01-15 08:07:45 +00:00

7 lines

195 B

Plaintext

Raw Blame History

 -----BEGIN PGP SIGNATURE-----
 iF0EABECAB0WIQQASMiwJtTJbw5YnC9shZ+xS5aoxQUCZhF6vQAKCRBshZ+xS5ao
 xcOpAJ0e/0uM2Ds98F7lwsTWiYdsJJ4EGwCfU4SaBIySxtKPdHh0Qy6Y1dt8uTc=
 =dZu7
 -----END PGP SIGNATURE-----