Rsync 3.4 Released Due To Multiple, Significant Security Vulnerabilities

All six of these CVEs are fixed in Rsync 3.4:

   CVE-2024-12084 -⁠ Heap Buffer Overflow in Checksum Parsing.

   CVE-2024-12085 -⁠ Info Leak via uninitialized Stack contents defeats ASLR.

   CVE-2024-12086 -⁠ Server leaks arbitrary client files.

   CVE-2024-12087 -⁠ Server can make client write files outside of destination 
directory using symbolic links.

   CVE-2024-12088 -⁠ -⁠-⁠safe-links Bypass.

   CVE-2024-12747 -⁠ symlink race condition.


hello,

 do you htink those can  affect alsorsync-bpc 
<https://github.com/backuppc/rsync-bpc> ?


--
cordialement,
Ghislain ADNET.
AQUEOS.
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    https://github.com/backuppc/backuppc/wiki
Project: https://backuppc.github.io/backuppc/

Reply via email to