New version 3.4.1

Resolves: RHEL-70151 - Heap Buffer Overflow in Rsync due to Improper Checksum Length Handling Resolves: RHEL-70159 - Info Leak via Uninitialized Stack Contents Resolves: RHEL-70203 - rsync server leaks arbitrary client files Resolves: RHEL-72500 - Path traversal vulnerability in rsync Resolves: RHEL-72501 - --safe-links option bypass leads to path traversal Resolves: RHEL-71658 - Race Condition in rsync Handling Symbolic Links Resolves: RHEL-71293 - Build rsync with --with-rrsync
2025-01-17 13:46:49 +01:00 · 2025-01-17 13:46:49 +01:00 · 2c6e551b2e
commit 2c6e551b2e
parent b58f56908b
4 changed files with 46 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -26,3 +26,5 @@ rsync-patches-3.0.8.tar.gz
 /rsync-patches-3.2.7.tar.gz
 /rsync-3.3.0.tar.gz
 /rsync-patches-3.3.0.tar.gz
+/rsync-3.4.1.tar.gz
+/rsync-patches-3.4.1.tar.gz
--- a/rsync-3.4.1-rrsync-man.patch
+++ b/rsync-3.4.1-rrsync-man.patch
@ -0,0 +1,23 @@
+diff --git a/Makefile.in b/Makefile.in
+index 3cde955..06232f1 100644
+--- a/Makefile.in
+++ b/Makefile.in
+@@ -106,6 +106,9 @@ rsync$(EXEEXT): $(OBJS)
+ rrsync: support/rrsync
+ 	cp -p $(srcdir)/support/rrsync rrsync
+ 
+rrsync.1.md: support/rrsync.1.md
+	cp -p $(srcdir)/support/rrsync.1.md rrsync.1.md
+
+ $(OBJS): $(HEADERS)
+ $(CHECK_OBJS): $(HEADERS)
+ tls.o xattrs.o: lib/sysxattrs.h
+@@ -269,7 +269,7 @@ rsyncd.conf.5: rsyncd.conf.5.md md-convert version.h Makefile
+ 	@$(srcdir)/maybe-make-man rsyncd.conf.5.md
+ 
+ rrsync.1: support/rrsync.1.md md-convert Makefile
+-	@$(srcdir)/maybe-make-man support/rrsync.1.md
+	@$(srcdir)/maybe-make-man rrsync.1.md
+ 
+ .PHONY: clean
+ clean: cleantests
--- a/rsync.spec
+++ b/rsync.spec
@ -8,8 +8,8 @@

 Summary: A program for synchronizing files over a network
 Name: rsync
-Version: 3.3.0
-Release: 6%{?prerelease}%{?dist}
+Version: 3.4.1
+Release: 1%{?prerelease}%{?dist}
 URL: https://rsync.samba.org/

 Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
@ -43,6 +43,8 @@ Provides: bundled(zlib) = 1.2.8
 License: GPL-3.0-or-later

 Patch1: rsync-3.2.2-runtests.patch
+# creating rrsync.1.md would require commonmark, we copy it instead
+Patch2: rsync-3.4.1-rrsync-man.patch

 %description
 Rsync uses a reliable algorithm to bring remote and host files into
@ -75,6 +77,7 @@ package provides the anonymous rsync service.

 #%patch0 -p1 -b .verify-hostname
 %patch 1 -p1 -b .runtests
+%patch 2 -p1 -b .rrsync

 %build
 %configure \
@ -84,7 +87,8 @@ package provides the anonymous rsync service.
 %endif
  --enable-zstd \
  --enable-lz4 \
-  --enable-ipv6
+  --enable-ipv6 \
+  --with-rrsync

 %{make_build}

@ -105,8 +109,10 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 %license COPYING
 %doc support/ tech_report.tex
 %{_bindir}/%{name}
+%{_bindir}/r%{name}
 %{_bindir}/%{name}-ssl
 %{_mandir}/man1/%{name}.1*
+%{_mandir}/man1/r%{name}.1*
 %{_mandir}/man1/%{name}-ssl.1*
 %{_mandir}/man5/rsyncd.conf.5*
 %config(noreplace) %{_sysconfdir}/rsyncd.conf
@ -127,6 +133,16 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 %systemd_postun_with_restart rsyncd.service

 %changelog
+* Wed Jan 15 2025 Michal Ruprich <mruprich@redhat.com> - 3.4.1-1
+- New version 3.4.1
+- Resolves: RHEL-70151 - Heap Buffer Overflow in Rsync due to Improper Checksum Length Handling
+- Resolves: RHEL-70159 - Info Leak via Uninitialized Stack Contents
+- Resolves: RHEL-70203 - rsync server leaks arbitrary client files
+- Resolves: RHEL-72500 - Path traversal vulnerability in rsync
+- Resolves: RHEL-72501 - --safe-links option bypass leads to path traversal
+- Resolves: RHEL-71658 - Race Condition in rsync Handling Symbolic Links
+- Resolves: RHEL-71293 - Build rsync with --with-rrsync
+
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 3.3.0-6
 - Bump release for October 2024 mass rebuild:
  Resolves: RHEL-64018
--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (rsync-3.3.0.tar.gz) = df5c53bc2f2b0e7e30f475903e5e4296dc2fbcf08e9ea6c3c61462d0e52b067c27e82deeb4be79102c86e9aa55a825182e126f22df44dabf5b7328acb2a01d10
-SHA512 (rsync-patches-3.3.0.tar.gz) = f82aac81865fca1bf9dbc5964cc18a084029d8bca232d56f07a598a67eaa9cb01c3293c3a491d2147b9b14a51a4008c85ce0091bcae42e5776a5ffeebb84da11
+SHA512 (rsync-3.4.1.tar.gz) = a3ecde4843ddb795308dca88581b868ac0221eb6f88a1477d7a9a2ecb4e4686042966bdddbab40866f90a4715d3104daa7b83222ddf0f3387b796a86bde8e5c2
+SHA512 (rsync-patches-3.4.1.tar.gz) = 0a2439f43e53cef028e5c0a25bd20fd308e6094af36e6d1109e9b5149035ce9c650d4cac7e7523671b4c3e8d6d6c68e40445dd0d8ae9adbc19771aba0831ed33