NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8513099bc2
kumquat-buildroot/package/rsync/rsync.hash
Fabrice Fontaine ae2807821d package/rsync: security bump to version 3.2.5 
- Fix CVE-2022-29154: An issue was discovered in rsync before 3.2.5 that
  allows malicious remote servers to write arbitrary files inside the
  directories of connecting peers. The server chooses which
  files/directories are sent to the client. However, the rsync client
  performs insufficient validation of file names. A malicious rsync
  server (or Man-in-The-Middle attacker) can overwrite arbitrary files
  in the rsync client target directory and subdirectories (for example,
  overwrite the .ssh/authorized_keys file).
- Drop patches (already in version)
- Update hash of COPYING (make openssl license exception clearer by
  having it at the top and use modern links in COPYING:
  dde4695136)

https://github.com/WayneD/rsync/blob/v3.2.5/NEWS.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-08-27 09:44:37 +02:00

6 lines
312 B
Plaintext
Raw Blame History

# Locally calculated after checking pgp signature
# https://download.samba.org/pub/rsync/src/rsync-3.2.5.tar.gz.asc
sha256 2ac4d21635cdf791867bc377c35ca6dda7f50d919a58be45057fd51600c69aba rsync-3.2.5.tar.gz
# Locally calculated
sha256 85c19ea50a224c2d0067a69c083584e5717b40b76610ec1218f91385775067dd COPYING
Reference in New Issue View Git Blame Copy Permalink