[Git][security-tracker-team/security-tracker][master] Track another rsync regression (from CVE-2024-12086)

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 16 18:36:08 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c6e9548 by Salvatore Bonaccorso at 2025-01-16T19:35:35+01:00
Track another rsync regression (from CVE-2024-12086)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1384,6 +1384,7 @@ CVE-2024-12086 (A flaw was found in rsync. It could allow a server to enumerate
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=b4a27ca25d0abb6fcf14f41b7e11f3a6e1d8a4ff (v3.4.0)
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=c35e28331f10ba6eba370611abd78bde32d54da7 (v3.4.0)
 	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commit;h=9f86ddc9652247233f32b241a79d5aa4fb9d4afa (v3.4.0)
+	NOTE: Fix introduces regression: https://github.com/RsyncProject/rsync/issues/715 (#1093160)
 CVE-2024-12085 (A flaw was found in the rsync daemon which could be triggered when rsy ...)
 	{DSA-5843-1 DLA-4015-1}
 	- rsync 3.3.0+ds1-3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c6e9548da8945282faa46429a7093429e057d79

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c6e9548da8945282faa46429a7093429e057d79
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250116/e5850b2d/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list