net/rsync/patches/011-more-improvements-to-file-list-checking.patch · 8c85981f836a2ca1af93b65ceee1b3034e70c2cb · Feed / openwrt-packages

2 years ago

rsync: fix CVE-2022-29154 · 8c85981f

John Audia authored 2 years ago

The rsync package is vulnerable to CVE-2022-29154[1], which is not yet in a
non-preview release. This commit applies the upstream commit to fix it and
several subsequent commits needed to fix bugs the initial fix introduced[2].

1. https://rsync.samba.org/ftp/rsync/NEWS#SECURITY_FIXES-3.2.5
2. https://bugs.archlinux.org/task/75558



Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 2611b865)

Unverified

8c85981f

History

rsync: fix CVE-2022-29154

John Audia authored 2 years ago

The rsync package is vulnerable to CVE-2022-29154[1], which is not yet in a
non-preview release. This commit applies the upstream commit to fix it and
several subsequent commits needed to fix bugs the initial fix introduced[2].

1. https://rsync.samba.org/ftp/rsync/NEWS#SECURITY_FIXES-3.2.5
2. https://bugs.archlinux.org/task/75558



Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 2611b865)