rsync: fix CVE-2022-29154
The rsync package is vulnerable to CVE-2022-29154[1], which is not yet in a non-preview release. This commit applies the upstream commit to fix it and several subsequent commits needed to fix bugs the initial fix introduced[2]. 1. https://rsync.samba.org/ftp/rsync/NEWS#SECURITY_FIXES-3.2.5 2. https://bugs.archlinux.org/task/75558 Signed-off-by:John Audia <therealgraysky@proton.me> (cherry picked from commit 2611b865)
parent
63d46221
No related branches found
No related tags found
Showing
- net/rsync/patches/010-fix-CVE-2022-29154.patch 385 additions, 0 deletionsnet/rsync/patches/010-fix-CVE-2022-29154.patch
- net/rsync/patches/011-more-improvements-to-file-list-checking.patch 106 additions, 0 deletions...patches/011-more-improvements-to-file-list-checking.patch
- net/rsync/patches/012-a-few-more-minor-changes.patch 50 additions, 0 deletionsnet/rsync/patches/012-a-few-more-minor-changes.patch
- net/rsync/patches/013-handle-a-trailing-slash.patch 24 additions, 0 deletionsnet/rsync/patches/013-handle-a-trailing-slash.patch
Loading
Please register or sign in to comment