VUL-0: CVE-2024-12084: rsync: Heap Buffer Overflow in Checksum Parsing
VUL-0: CVE-2024-12085: rsync: Info Leak via uninitialized Stack contents defeats ASLR
VUL-0: CVE-2024-12086: rsync: server leaks arbitrary client files
VUL-0: CVE-2024-12087: rsync: server can make client write files outside of destination directory using symbolic links
VUL-0: CVE-2024-12088: rsync: --safe-links bypass
VUL-0: CVE-2024-12747: rsync: Race Condition in rsync Handling Symbolic Links
ayankov
critical
security
Security update for rsync
This update for rsync fixes the following issues:
- CVE-2024-12084: Fixed Heap Buffer Overflow in Checksum Parsing (bsc#1234100).
- CVE-2024-12085: Fixed Info Leak via uninitialized Stack contents defeating ASLR (bsc#1234101).
- CVE-2024-12086: Fixed server leaking arbitrary client files (bsc#1234102).
- CVE-2024-12087: Fixed server being able to make the client write files outside of the destination directory using symbolic links (bsc#1234103).
- CVE-2024-12088: Fixed --safe-links bypass (bsc#1234104).
- CVE-2024-12747: Fixed Race Condition in rsync Handling Symbolic Links (bsc#1235475).
rsync