CVS: cvs.openbsd.org: ports

Stuart Henderson Tue, 14 Jan 2025 12:45:13 -0800

CVSROOT:        /cvs
Module name:    ports
Changes by:     [email protected]   2025/01/14 13:45:03


Modified files:
        net/rsync      : Makefile distinfo 
        net/rsync/patches: patch-rsyncd_conf_5 
Added files:
        net/rsync/files: rrsync.1 

Log message:
update to rsync-3.4.0

https://www.openwall.com/lists/oss-security/2025/01/14/3

- CVE-2024-12084 - Heap Buffer Overflow in Checksum Parsing.
- CVE-2024-12085 - Info Leak via uninitialized Stack contents defeats ASLR.
- CVE-2024-12086 - Server leaks arbitrary client files.
- CVE-2024-12087 - Server can make client write files outside of destination 
directory using symbolic links.
- CVE-2024-12088 - --safe-links Bypass.
- CVE-2024-12747 - symlink race condition.

CVS: cvs.openbsd.org: ports

Reply via email to