[Buildroot] [PATCH] rsync: security bump to version 3.1.3

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sat Feb 10 09:14:40 UTC 2018


Hello,

On Fri,  9 Feb 2018 07:26:28 +0200, Baruch Siach wrote:
> Fixes CVE-2018-5764: remote attackers can bypass an
> argument-sanitization protection mechanism
> 
> Drop upstream patches.
> 
> Add license file hash.
> 
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> ---
>  .../0001-Check-fname-in-recv_files-sooner.patch    | 45 ----------------------
>  ...0002-Sanitize-xname-in-read_ndx_and_attrs.patch | 39 -------------------
>  ...mon-filter-against-fnamecmp-in-recv_files.patch | 28 --------------
>  ...ailing-0-when-receiving-xattr-name-values.patch | 33 ----------------
>  package/rsync/rsync.hash                           |  5 ++-
>  package/rsync/rsync.mk                             |  2 +-
>  6 files changed, 5 insertions(+), 147 deletions(-)
>  delete mode 100644 package/rsync/0001-Check-fname-in-recv_files-sooner.patch
>  delete mode 100644 package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch
>  delete mode 100644 package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch
>  delete mode 100644 package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list