[ubuntu/jammy-updates] rsync 3.2.7-0ubuntu0.22.04.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Mar 6 13:28:21 UTC 2023
rsync (3.2.7-0ubuntu0.22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary file write via malicious remote servers
- Updated to 3.2.7 to fix security issue and multiple regressions
caused by the original security fixes.
- debian/patches: Added two additional upstream patches:
+ trust_the_sender_on_a_local_transfer.patch
+ avoid_quoting_of_tilde_when_its_a_destination_arg.patch
- Removed patches no longer needed with 3.2.7:
+ CVE-2020-14387.patch, fix_ftcbfs_configure.patch,
fix_delay_updates.patch, copy-devices.diff,
workaround_glibc_lchmod_regression.patch,
manpage_upstream_fixes.patch, fix_mkpath.patch,
fix_sparse_inplace.patch, update_rrsync_options.patch,
fix_rsync-ssl_RSYNC_SSL_CERT_feature.patch,
avoid_spurious_is_newer_messages_with_update.patch.
- debian/control, debian/rules, debian/rsync.install,
debian/rsync.links: ship new python-based rrsync.
- debian/rsync.install: cull_options has been renamed to cull-options.
- CVE-2022-29154
Date: 2023-02-28 16:28:54.172791+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/rsync/3.2.7-0ubuntu0.22.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list