Adding patchinfo patchinfo.20250123145545485403.154186277494808

patchinfo.20250123145545485403.154186277494808/_patchinfo

@@ -0,0 +1,30 @@
+<patchinfo>
+  <!-- generated from request(s) 358938 -->
+  <issue tracker="bnc" id="1234100">VUL-0: CVE-2024-12084: rsync: Heap Buffer Overflow in Checksum Parsing</issue>
+  <issue tracker="bnc" id="1234101">VUL-0: CVE-2024-12085: rsync: Info Leak via uninitialized Stack contents defeats ASLR</issue>
+  <issue tracker="bnc" id="1234102">VUL-0: CVE-2024-12086: rsync: server leaks arbitrary client files</issue>
+  <issue tracker="bnc" id="1234103">VUL-0: CVE-2024-12087: rsync: server can make client write files outside of destination directory using symbolic links</issue>
+  <issue tracker="bnc" id="1234104">VUL-0: CVE-2024-12088: rsync: --safe-links bypass</issue>
+  <issue tracker="bnc" id="1235475">VUL-0: CVE-2024-12747: rsync: Race Condition in rsync Handling Symbolic Links</issue>
+  <issue tracker="cve" id="2024-12084"/>
+  <issue tracker="cve" id="2024-12085"/>
+  <issue tracker="cve" id="2024-12086"/>
+  <issue tracker="cve" id="2024-12087"/>
+  <issue tracker="cve" id="2024-12088"/>
+  <issue tracker="cve" id="2024-12747"/>
+  <packager>ayankov</packager>
+  <rating>critical</rating>
+  <category>security</category>
+  <summary>Security update for rsync</summary>
+  <description>This update for rsync fixes the following issues:
+
+- CVE-2024-12084: Fixed Heap Buffer Overflow in Checksum Parsing (bsc#1234100).
+- CVE-2024-12085: Fixed Info Leak via uninitialized Stack contents defeating ASLR (bsc#1234101).
+- CVE-2024-12086: Fixed server leaking arbitrary client files (bsc#1234102).
+- CVE-2024-12087: Fixed server use of symbolic links to  make client write files outside of destination directory (bsc#1234103).
+- CVE-2024-12088: Fixed --safe-links bypass (bsc#1234104).
+- CVE-2024-12747: Fixed Race Condition in rsync Handling Symbolic Links (bsc#1235475).
+</description>
+  <package>rsync</package>
+  <seperate_build_arch/>
+</patchinfo>