hi,
thanks a lot for all those detailled informations !
It good to know that is the server is ok then most of it is ok too.
i have some old client machine that cannot be upgraded and this is bad :(
--
cordialement,
Ghislain ADNET.
AQUEOS.
___
Backup
Hi there,
On Wed, 15 Jan 2025, Ghislain Adnet wrote:
do you [think] those can affect also rsync-bpc ... ?
Firstly, if you're using rsync or rsyncd then it's time to upgrade!
Secondly, I would not recommend that anyone permit any kind of rsync
access to potentially abusive users. It is very
Rsync 3.4 Released Due To Multiple, Significant Security Vulnerabilities
All six of these CVEs are fixed in Rsync 3.4:
CVE-2024-12084 - Heap Buffer Overflow in Checksum Parsing.
CVE-2024-12085 - Info Leak via uninitialized Stack contents defeats ASLR.
CVE-2024-12086 - Server leak
