[SECURITY] [DLA 4591-1] rsync security update

Wed, 20 May 2026 08:30:38 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4591-1                [email protected]
https://www.debian.org/lts/security/                    Thorsten Alteholz
May 20, 2026                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : rsync
Version        : 3.2.3-4+deb11u4
CVE ID         : CVE-2026-29518 CVE-2026-43617 CVE-2026-43618
                 CVE-2026-43619 CVE-2026-43620


Several vulnerabilities were discovered in rsync, a fast, versatile,
remote (and local) file-copying tool, which may result in local
privilege escalation, bypass of intended access restrictions, remote
memory disclosure to an authenticated daemon peer or denial of service.


For Debian 11 bullseye, these problems have been fixed in version
3.2.3-4+deb11u4.

We recommend that you upgrade your rsync packages.

For the detailed security status of rsync please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rsync

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmoNx45fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdv1BAAwJv2aK/pE3cooBlHsbjlNrPGBgPHoxmdsmS5o+nn2t4jOWcvhBVf6vcM
8B7kAB7xRCmoPHRWBhexKgjgCttTJxmxs9McbKeywOz7mwGHPOjP8lQA9pU07NCs
7naJGcO90j7KorU9ttKUgmWtai2vjiLiFTQ+ws0geRh3Zk0J27mG+q1nsuPhgM7z
Jj9gW0BTlCUYpDQPwMDnnspjEcNbx98xtWQ1bozsuxd1cuJAwjFNC45bg78ZGopw
PJt9wshToY+/RkBgBTqAyoiPeXgd0YO43h/kiE2bfHBpplUMPf7xmx1MdeJN3Zz1
QIsvg0rznZZwbno7fXVnkothjsEPuBzfKY+kTWyDu+IM9Uw5mEwnvd4S7/xO5tJ6
bofxvb8f67+mQ4EzIxzeCuL8VaQxx2eAHxvLLAPjgqRF+2QXPRQNgsl+XWmGLD1T
yo8/6zymWl6I2wKDXch1MvmeDC4cVufXCi66VDauI4+Zog3AcwWhSrYGr13ljlLh
dLMYzoVwFKi9kRht/82RatVi5Ppmrwo8CmsJDhgnL3+FMnAEdMHlCYjMlfnrbb6A
BMPTcIrhIkGcEB1EUIuJuI7EoS4DCMeuI9SvGbNE+FEfO0aHQ/Kcj5qqBJnpQvX6
54fUtGibWl8Nbkz1eSUhG+IHTrdxJjAav4QR+BweeyXs1sEfwLE=
=IZZ8
-----END PGP SIGNATURE-----

Reply via email to