git.99rst.org / openwrt-packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6345250)
rsync: fix CVE-2022-29154
authorJohn Audia <redacted>
Tue, 2 Aug 2022 06:39:29 +0000 (02:39 -0400)
committerJosef Schlehofer <redacted>
Sat, 13 Aug 2022 09:31:08 +0000 (11:31 +0200)
commit2611b86547aec7ef14ad2882381e9e66d7ee9bec
treeda3e4b36e4625f877fccede8b2078c3e54b55b02tree | snapshot
parent6345250af4156b26bb1862b841a657f1e2686a16commit | diff
rsync: fix CVE-2022-29154

The rsync package is vulnerable to CVE-2022-29154[1], which is not yet in a
non-preview release. This commit applies the upstream commit to fix it and
several subsequent commits needed to fix bugs the initial fix introduced[2].

1. https://rsync.samba.org/ftp/rsync/NEWS#SECURITY_FIXES-3.2.5
2. https://bugs.archlinux.org/task/75558

Signed-off-by: John Audia <redacted>
net/rsync/patches/010-fix-CVE-2022-29154.patch [new file with mode: 0644] blob
net/rsync/patches/011-more-improvements-to-file-list-checking.patch [new file with mode: 0644] blob
net/rsync/patches/012-a-few-more-minor-changes.patch [new file with mode: 0644] blob
net/rsync/patches/013-handle-a-trailing-slash.patch [new file with mode: 0644] blob
git clone https://git.99rst.org/PROJECT