[git.ipfire.org] IPFire 2.x development tree branch, core190, updated. b788af128e7ab0700d442e124282f1b1f916c3e2

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, core190, updated. b788af128e7ab0700d442e124282f1b1f916c3e2
@ 2025-01-15 15:08 Michael Tremer
  0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-01-15 15:08 UTC (permalink / raw)
  To: ipfire-scm

[-- Attachment #1: Type: text/plain, Size: 5131 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, core190 has been updated
       via  b788af128e7ab0700d442e124282f1b1f916c3e2 (commit)
      from  b57bafa358ae77a3d4ac7e721b034ea21d3059a2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b788af128e7ab0700d442e124282f1b1f916c3e2
Author: Adolf Belka <adolf.belka(a)ipfire.org>
Date:   Wed Jan 15 14:25:49 2025 +0100

    rsync: Update to version 3.4.0
    
    - Update from version 3.3.0 to 3.4.0
    - Update of rootfile not required
    - Changelog
        3.4.0
    	Release 3.4.0 is a security release that fixes a number of important
    	 vulnerabilities. For more details on the vulnerabilities please see the CERT
    	 report https://kb.cert.org/vuls/id/952657
         PROTOCOL NUMBER:
    	- The protocol number was changed to 32 to make it easier for
    	  administrators to check their servers have been updated
         SECURITY FIXES:
    	Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at
    	 Google Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for
    	 discovering these vulnerabilities and working with the rsync project
    	 to develop and test fixes.
    	- CVE-2024-12084 - Heap Buffer Overflow in Checksum Parsing.
    	- CVE-2024-12085 - Info Leak via uninitialized Stack contents defeats ASLR.
    	- CVE-2024-12086 - Server leaks arbitrary client files.
    	- CVE-2024-12087 - Server can make client write files outside of destination directory using symbolic links.
    	- CVE-2024-12088 - --safe-links Bypass.
    	- CVE-2024-12747 - symlink race condition.
         BUG FIXES:
    	- Fixed the included popt to avoid a memory error on modern gcc versions.
    	- Fixed an incorrect extern variable's type that caused an ACL issue on macOS.
    	- Fixed IPv6 configure check
         INTERNAL:
    	- Updated included popt to version 1.19.
         DEVELOPER RELATED:
    	- Various improvements to the release scripts and git setup.
    	- Improved packaging/var-checker to identify variable type issues.
    	- added FreeBSD and Solaris CI builds
    
    Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 lfs/rsync | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

Difference in files:
diff --git a/lfs/rsync b/lfs/rsync
index fcbcd0ab90..a680a9cca4 100644
--- a/lfs/rsync
+++ b/lfs/rsync
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                     #
+# Copyright (C) 2007-2025  IPFire Team  <info(a)ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Versatile tool for fast incremental file transfer
 
-VER        = 3.3.0
+VER        = 3.4.0
 
 THISAPP    = rsync-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = rsync
-PAK_VER    = 19
+PAK_VER    = 20
 
 DEPS       =
 
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 75a3cc50452086aebd16f42d7a309c173cbc1ea156227afb10d2106d0b9043e973676995b8199d22840775ae3df8db97d1c0de5f3aa58afa130c5b1348c3f825
+$(DL_FILE)_BLAKE2 = ce88fdbc44cbb4522d48b5f8a11ce70b2d4c794612915390a865b478efd05aa1f17a0a4e1d4e698a968994b5e47ef4df16315c93e87398b848fdcef9e8dc71a1
 
 install : $(TARGET)
 
@@ -81,18 +81,14 @@ $(subst %,%_BLAKE2,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-
 	# Replace shebang in rsync-ssl
 	cd $(DIR_APP) && sed -i -e "s@^#!.*@#!/bin/bash@" rsync-ssl
-
 	cd $(DIR_APP) && ./configure \
-	--prefix=/usr \
-	--without-included-popt \
-	--without-included-zlib \
-	--disable-xxhash
-
+				--prefix=/usr \
+				--without-included-popt \
+				--without-included-zlib \
+				--disable-xxhash
 	cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
 	cd $(DIR_APP) && make install
-
 	@rm -rf $(DIR_APP)
 	@$(POSTBUILD)


hooks/post-receive
--
IPFire 2.x development tree

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-01-15 15:08 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-15 15:08 [git.ipfire.org] IPFire 2.x development tree branch, core190, updated. b788af128e7ab0700d442e124282f1b1f916c3e2 Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox