UbuntuUpdates.org

Package "rsync"

Name: rsync

Description:

fast, versatile, remote (and local) file-copying tool
Latest version: 3.2.7-0ubuntu0.22.04.2
Release: jammy (22.04)
Level: updates
Repository: main
Homepage: https://rsync.samba.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "rsync"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "rsync" in Jammy

Repository Area Version
base main 3.2.3-8ubuntu3
security main 3.2.7-0ubuntu0.22.04.2

Changelog

Version: 3.2.7-0ubuntu0.22.04.2 2023-03-06 15:06:57 UTC

  rsync (3.2.7-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: arbitrary file write via malicious remote servers
    - Updated to 3.2.7 to fix security issue and multiple regressions
      caused by the original security fixes.
    - debian/patches: Added two additional upstream patches:
      + trust_the_sender_on_a_local_transfer.patch
      + avoid_quoting_of_tilde_when_its_a_destination_arg.patch
    - Removed patches no longer needed with 3.2.7:
      + CVE-2020-14387.patch, fix_ftcbfs_configure.patch,
        fix_delay_updates.patch, copy-devices.diff,
        workaround_glibc_lchmod_regression.patch,
        manpage_upstream_fixes.patch, fix_mkpath.patch,
        fix_sparse_inplace.patch, update_rrsync_options.patch,
        fix_rsync-ssl_RSYNC_SSL_CERT_feature.patch,
        avoid_spurious_is_newer_messages_with_update.patch.
    - debian/control, debian/rules, debian/rsync.install,
      debian/rsync.links: ship new python-based rrsync.
    - debian/rsync.install: cull_options has been renamed to cull-options.
    - CVE-2022-29154

 -- Marc Deslauriers <email address hidden> Mon, 27 Feb 2023 14:36:14 -0500
Source diff to previous version
CVE-2020-14387 A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthentic
CVE-2022-29154 An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peer

Version: 3.2.3-8ubuntu3.1 2022-11-21 11:07:18 UTC

  rsync (3.2.3-8ubuntu3.1) jammy; urgency=medium

  * d/p/avoid_spurious_is_newer_messages_with_update.patch: New patch from
    upstream (LP: #1965076)

 -- Simon Deziel <email address hidden> Tue, 11 Oct 2022 22:37:36 +0000
1965076 rsync --update incorrectly reports file \


About   -   Send Feedback to @ubuntu_updates