From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] rsync: Update to version 3.4.0
Date: Thu, 16 Jan 2025 10:21:26 +0000
Message-ID: <594E468C-A40E-4FDF-BD05-D7C9D5D428CD@ipfire.org>
In-Reply-To: <20250115132549.3265133-1-adolf.belka@ipfire.org>

Thank you for this patch. I have merged this straight away back into c190 and pushed the new package out last night.
> On 15 Jan 2025, at 13:25, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>
> - Update from version 3.3.0 to 3.4.0
> - Update of rootfile not required
> - Changelog
> 3.4.0
> Release 3.4.0 is a security release that fixes a number of important
> vulnerabilities. For more details on the vulnerabilities please see the CERT
> report https://kb.cert.org/vuls/id/952657
> PROTOCOL NUMBER:
> - The protocol number was changed to 32 to make it easier for
> administrators to check their servers have been updated
> SECURITY FIXES:
> Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at
> Google Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for
> discovering these vulnerabilities and working with the rsync project
> to develop and test fixes.
> - CVE-2024-12084 - Heap Buffer Overflow in Checksum Parsing.
> - CVE-2024-12085 - Info Leak via uninitialized Stack contents defeats ASLR.
> - CVE-2024-12086 - Server leaks arbitrary client files.
> - CVE-2024-12087 - Server can make client write files outside of destination directory using symbolic links.
> - CVE-2024-12088 - --safe-links Bypass.
> - CVE-2024-12747 - symlink race condition.
> BUG FIXES:
> - Fixed the included popt to avoid a memory error on modern gcc versions.
> - Fixed an incorrect extern variable's type that caused an ACL issue on macOS.
> - Fixed IPv6 configure check
> INTERNAL:
> - Updated included popt to version 1.19.
> DEVELOPER RELATED:
> - Various improvements to the release scripts and git setup.
> - Improved packaging/var-checker to identify variable type issues.
> - added FreeBSD and Solaris CI builds
>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> lfs/rsync | 20 ++++++++------------
> 1 file changed, 8 insertions(+), 12 deletions(-)
>
> diff --git a/lfs/rsync b/lfs/rsync
> index fcbcd0ab9..a680a9cca 100644
> --- a/lfs/rsync
> +++ b/lfs/rsync
> @@ -1,7 +1,7 @@
> ###############################################################################
> # #
> # IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
> +# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
> # #
> # This program is free software: you can redistribute it and/or modify #
> # it under the terms of the GNU General Public License as published by #
> @@ -26,7 +26,7 @@ include Config
>
> SUMMARY = Versatile tool for fast incremental file transfer
>
> -VER = 3.3.0
> +VER = 3.4.0
>
> THISAPP = rsync-$(VER)
> DL_FILE = $(THISAPP).tar.gz
> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
> DIR_APP = $(DIR_SRC)/$(THISAPP)
> TARGET = $(DIR_INFO)/$(THISAPP)
> PROG = rsync
> -PAK_VER = 19
> +PAK_VER = 20
>
> DEPS =
>
> @@ -48,7 +48,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_BLAKE2 = 75a3cc50452086aebd16f42d7a309c173cbc1ea156227afb10d2106d0b9043e973676995b8199d22840775ae3df8db97d1c0de5f3aa58afa130c5b1348c3f825
> +$(DL_FILE)_BLAKE2 = ce88fdbc44cbb4522d48b5f8a11ce70b2d4c794612915390a865b478efd05aa1f17a0a4e1d4e698a968994b5e47ef4df16315c93e87398b848fdcef9e8dc71a1
>
> install : $(TARGET)
>
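Review bot: The commit message does not say how the new `$(DL_FILE)_BLAKE2` value was obtained, and the hunk header shows the tarball is fetched from `$(URL_IPFIRE)`, so this digest is the only integrity check the build applies to the rsync-3.4.0 source. For a security release, please state in the commit message that the tarball was compared against the upstream release (for example its signature, if one is published) before the digest was computed.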
> @@ -81,18 +81,14 @@ $(subst %,%_BLAKE2,$(objects)) :
> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> @$(PREBUILD)
> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> -
> # Replace shebang in rsync-ssl
> cd $(DIR_APP) && sed -i -e "s@^#!.*@#!/bin/bash@" rsync-ssl
> -
> cd $(DIR_APP) && ./configure \
> - --prefix=/usr \
> - --without-included-popt \
> - --without-included-zlib \
> - --disable-xxhash
> -
> + --prefix=/usr \
> + --without-included-popt \
> + --without-included-zlib \
> + --disable-xxhash
> cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
> cd $(DIR_APP) && make install
> -
> @rm -rf $(DIR_APP)
> @$(POSTBUILD)
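Review bot: The removed and added `./configure` argument lines carry the same text and the other four removals are blank lines, so this hunk is whitespace-only and is not mentioned in the commit message; I would drop it from a security update or send it as a separate cleanup so the diff shows only the version, PAK_VER and digest changes. Since `--without-included-popt` is kept, it is also worth noting in the commit message that the changelog entries about the included popt do not affect this build.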
> --
> 2.47.1
>
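
The changelog quoted above says the protocol number was raised to 32 so administrators can check that servers have been updated. A small parser for the two places that number is reported, added here as an example (not part of the original message or of rsync); the sample strings are constructed and the function names are hypothetical:

```python
import re

# Protocol number that rsync 3.4.0 reports, per the quoted changelog.
FIXED_PROTOCOL = 32

# Daemon greeting line, e.g. "@RSYNCD: 32.0 sha512 sha256 sha1 md5 md4".
GREETING_RE = re.compile(r"^@RSYNCD: (\d+)(?:\.(\d+))?(?: .*)?$")
# First line of `rsync --version`,
# e.g. "rsync  version 3.4.0  protocol version 32".
VERSION_RE = re.compile(r"^rsync\s+version\s+(\S+)\s+protocol version (\d+)")


def protocol_from_greeting(line):
    """Return the protocol number from a daemon greeting, or None."""
    m = GREETING_RE.match(line.strip())
    return int(m.group(1)) if m else None


def protocol_from_version_output(text):
    """Return (version, protocol) from `rsync --version` output, or None."""
    first = text.splitlines()[0] if text.strip() else ""
    m = VERSION_RE.match(first)
    return (m.group(1), int(m.group(2))) if m else None


def classify(protocol):
    """Map a protocol number to a status an inventory script can act on.

    A number below 32 is flagged for review rather than declared vulnerable:
    a vendor may have patched an older release without changing the number.
    """
    if protocol is None:
        return "unknown"
    return "updated" if protocol >= FIXED_PROTOCOL else "needs-review"


if __name__ == "__main__":
    # Constructed sample inputs, not captured from real hosts.
    samples = [
        "@RSYNCD: 32.0 sha512 sha256 sha1 md5 md4",
        "@RSYNCD: 31.0",
        "SSH-2.0-OpenSSH_9.6",
    ]
    for s in samples:
        print(f"{s!r}: {classify(protocol_from_greeting(s))}")
    local = "rsync  version 3.4.0  protocol version 32\nCopyright ..."
    print(protocol_from_version_output(local))
```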