[Git][security-tracker-team/security-tracker][master] add rsync references

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18cac0e1 by Moritz Muehlenhoff at 2025-08-19T07:26:42+02:00
add rsync references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -69497,6 +69497,7 @@ CVE-2024-12088 (A flaw was found in rsync. When using the `--safe-links` option,
 	- rsync 3.3.0+ds1-3
 	NOTE: https://www.openwall.com/lists/oss-security/2025/01/14/3
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=407c71c7ce562137230e8ba19149c81ccc47c387 (v3.4.0)
+	NOTE: https://phrack.org/issues/72/11_md#article
 CVE-2024-12087 (A path traversal vulnerability exists in rsync. It stems from behavior ...)
 	{DSA-5843-1 DLA-4015-1}
 	- rsync 3.3.0+ds1-3
@@ -69505,6 +69506,7 @@ CVE-2024-12087 (A path traversal vulnerability exists in rsync. It stems from be
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=344327385fa47fa5bb67a32c237735e6240cfb93 (v3.4.0)
 	NOTE: Fix introduces regression: https://github.com/RsyncProject/rsync/issues/697 (#1093052)
 	NOTE: Regression fix: https://github.com/RsyncProject/rsync/commit/996af4a79f9afe4d7158ecdd87c78cee382c6b39
+	NOTE: https://phrack.org/issues/72/11_md#article
 CVE-2024-12086 (A flaw was found in rsync. It could allow a server to enumerate the co ...)
 	{DSA-5843-1 DLA-4015-1}
 	- rsync 3.3.0+ds1-3
@@ -69514,11 +69516,13 @@ CVE-2024-12086 (A flaw was found in rsync. It could allow a server to enumerate
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=c35e28331f10ba6eba370611abd78bde32d54da7 (v3.4.0)
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=9f86ddc9652247233f32b241a79d5aa4fb9d4afa (v3.4.0)
 	NOTE: Fix introduces regression: https://github.com/RsyncProject/rsync/issues/715 (#1093160)
+	NOTE: https://phrack.org/issues/72/11_md#article
 CVE-2024-12085 (A flaw was found in rsync which could be triggered when rsync compares ...)
 	{DSA-5843-1 DLA-4015-1}
 	- rsync 3.3.0+ds1-3
 	NOTE: https://www.openwall.com/lists/oss-security/2025/01/14/3
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=589b0691e59f761ccb05ddb8e1124991440db2c7 (v3.4.0)
+	NOTE: https://phrack.org/issues/72/11_md#article
 CVE-2024-12084 (A heap-based buffer overflow flaw was found in the rsync daemon. This  ...)
 	{DSA-5843-1}
 	- rsync 3.3.0+ds1-3
@@ -69526,6 +69530,7 @@ CVE-2024-12084 (A heap-based buffer overflow flaw was found in the rsync daemon.
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=0902b52f6687b1f7952422080d50b93108742e53 (v3.4.0)
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=42e2b56c4ede3ab164f9a5c6dae02aa84606a6c1 (v3.4.0)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/01/14/3
+	NOTE: https://phrack.org/issues/72/11_md#article
 CVE-2025-23082 (Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request  ...)
 	NOT-FOR-US: Veeam
 CVE-2025-23038 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18cac0e18cdcf6a34c64b8d1953439e1e0da01ec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18cac0e18cdcf6a34c64b8d1953439e1e0da01ec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250819/dca0a5d0/attachment.htm>