[Git][security-tracker-team/security-tracker][master] Reference regression for CVE-2024-12087/rsync
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 15 14:26:23 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c93f591a by Salvatore Bonaccorso at 2025-01-15T14:46:35+01:00
Reference regression for CVE-2024-12087/rsync
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -904,6 +904,7 @@ CVE-2024-12087 (A path traversal vulnerability exists in rsync. It stems from be
NOTE: https://www.openwall.com/lists/oss-security/2025/01/14/3
NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=688f5c379a433038bde36897a156d589be373a98 (v3.4.0)
NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=344327385fa47fa5bb67a32c237735e6240cfb93 (v3.4.0)
+ NOTE: Fix introduces regression: https://github.com/RsyncProject/rsync/issues/697 (#1093052)
CVE-2024-12086 (A flaw was found in rsync. It could allow a server to enumerate the co ...)
{DSA-5843-1 DLA-4015-1}
- rsync 3.3.0+ds1-3
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c93f591a0ee1badb71687e9cdceabc4f3579cf84
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c93f591a0ee1badb71687e9cdceabc4f3579cf84
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250115/8d93b4ac/attachment.htm>
More information about the debian-security-tracker-commits
mailing list