New version 3.3.0

.gitignore

@@ -24,3 +24,5 @@ rsync-patches-3.0.8.tar.gz
 /rsync-patches-3.2.6.tar.gz
 /rsync-3.2.7.tar.gz
 /rsync-patches-3.2.7.tar.gz
+/rsync-3.3.0.tar.gz
+/rsync-patches-3.3.0.tar.gz

rsync-3.2.7-buffer-overflow.patch

@@ -1,48 +0,0 @@
-From 1f83963f59960150e8c46112daa8411324c1f209 Mon Sep 17 00:00:00 2001
-From: Jiri Slaby <jslaby@suse.cz>
-Date: Fri, 18 Aug 2023 08:26:20 +0200
-Subject: [PATCH] exclude: fix crashes with fortified strlcpy()
-
-Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when
-its third parameter (size) is larger than the buffer:
-  $ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx
-  sending incremental file list
-  *** buffer overflow detected ***: terminated
-
-It's in the exclude code in setup_merge_file():
-  strlcpy(y, save, MAXPATHLEN);
-
-Note the 'y' pointer was incremented, so it no longer points to memory
-with MAXPATHLEN "owned" bytes.
-
-Fix it by remembering the number of copied bytes into the 'save' buffer
-and use that instead of MAXPATHLEN which is clearly incorrect.
-
-Fixes #511.
----
- exclude.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/exclude.c b/exclude.c
-index ffe55b167..1a5de3b9e 100644
---- a/exclude.c
-+++ b/exclude.c
-@@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
- 	parent_dirscan = True;
- 	while (*y) {
- 		char save[MAXPATHLEN];
--		strlcpy(save, y, MAXPATHLEN);
-+		/* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */
-+		size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1;
- 		*y = '\0';
- 		dirbuf_len = y - dirbuf;
- 		strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf));
-@@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
- 			lp->head = NULL;
- 		}
- 		lp->tail = NULL;
--		strlcpy(y, save, MAXPATHLEN);
-+		strlcpy(y, save, copylen);
- 		while ((*x++ = *y++) != '/') {}
- 	}
- 	parent_dirscan = False;

rsync.spec

@@ -8,8 +8,8 @@
 
 Summary: A program for synchronizing files over a network
 Name: rsync
-Version: 3.2.7
-Release: 7%{?prerelease}%{?dist}
+Version: 3.3.0
+Release: 1%{?prerelease}%{?dist}
 URL: https://rsync.samba.org/
 
 Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
@@ -41,7 +41,6 @@ Provides: bundled(zlib) = 1.2.8
 License: GPL-3.0-or-later
 
 Patch1: rsync-3.2.2-runtests.patch
-Patch2: rsync-3.2.7-buffer-overflow.patch
 
 %description
 Rsync uses a reliable algorithm to bring remote and host files into
@@ -74,7 +73,6 @@ package provides the anonymous rsync service.
 
 #%patch0 -p1 -b .verify-hostname
 %patch 1 -p1 -b .runtests
-%patch 2 -p1 -b .buffer-overflow
 
 %build
 %configure \
@@ -125,6 +123,9 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 %systemd_postun_with_restart rsyncd.service
 
 %changelog
+* Fri Apr 12 2024 Michal Ruprich <mruprich@redhat.com> - 3.3.0-1
+- New version 3.3.0
+
 * Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.7-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 

sources

@@ -1,2 +1,2 @@
-SHA512 (rsync-3.2.7.tar.gz) = c2afba11a352fd88133f9e96e19d6df80eb864450c83eced13a7faa23df947bccf2ef093f2101df6ee30abff4cbbd39ac802e9aa5f726e42c9caff274fad8377
-SHA512 (rsync-patches-3.2.7.tar.gz) = e675f6a3b0f875965b49bb1d655628d646d384e989e93e6d873c86f2c72743c7c8d16e481bc3bd5e9b49ad2c41191acf8d1cb32b2c4394776ce63a3185116743
+SHA512 (rsync-3.3.0.tar.gz) = df5c53bc2f2b0e7e30f475903e5e4296dc2fbcf08e9ea6c3c61462d0e52b067c27e82deeb4be79102c86e9aa55a825182e126f22df44dabf5b7328acb2a01d10
+SHA512 (rsync-patches-3.3.0.tar.gz) = f82aac81865fca1bf9dbc5964cc18a084029d8bca232d56f07a598a67eaa9cb01c3293c3a491d2147b9b14a51a4008c85ce0091bcae42e5776a5ffeebb84da11