rpms/rsync
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Rebase of rsync to 3.4.4

Browse Source 
This rebase picks up fixes for multiple CVEs:
CVE-2026-29518
CVE-2026-43617
CVE-2026-43618
CVE-2026-43619
CVE-2026-43620
CVE-2026-45232

I am also using this opportunity to clean the repository of patches that
are no longer used. I decided to remove the prerelease tag since I never
really used it in RHEL and I also removed it in Fedora recently as well.

I am adding git-core as a BuildRequires to make maintenance of the
package a little bit easier. python3 is also newly added because
testsuite is now written in Python. None of these add new packages to
our composes.

I removed rsync-patches. The Upstream decided to stop the support for
these and they stopped shipping it. In RHEL10 we never used any of the
patches from rsync-patches anyway.

Resolves: RHEL-186589
Resolves: RHEL-174931 - CVE-2026-29518
Resolves: RHEL-174947 - CVE-2026-43618
This commit is contained in:
Michal Ruprich 2026-06-22 15:08:43 +02:00
parent 41d0cebe6b
commit 4fe8d5f3ff
12 changed files with 39 additions and 686 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -28,3 +28,4 @@ rsync-patches-3.0.8.tar.gz
/rsync-patches-3.3.0.tar.gz
/rsync-3.4.1.tar.gz
/rsync-patches-3.4.1.tar.gz
/rsync-3.4.4.tar.gz

22
rsync-3.0.6-iconv-logging.patch
View File

@ -1,22 +0,0 @@
diff --git a/log.c b/log.c
index 34a013b..1aca728 100644
--- a/log.c
+++ b/log.c
@@ -377,10 +377,13 @@ output_msg:
filtered_fwrite(f, convbuf, outbuf.len, 0);
outbuf.len = 0;
}
- if (!ierrno || ierrno == E2BIG)
- continue;
- fprintf(f, "\\#%03o", CVAL(inbuf.buf, inbuf.pos++));
- inbuf.len--;
+ /* Log one byte of illegal/incomplete sequence and continue with
+ * the next character. Check that the buffer is non-empty for the
+ * sake of robustness. */
+ if ((ierrno == EILSEQ || ierrno == EINVAL) && inbuf.len) {
+ fprintf(f, "\\#%03o", CVAL(inbuf.buf, inbuf.pos++));
+ inbuf.len--;
+ }
}
} else
#endif

12
rsync-3.2.2-runtests.patch
View File

@ -1,12 +0,0 @@
diff --git a/runtests.sh.old b/runtests.sh
index ecb383e..1cd1d1a 100755
--- a/runtests.sh.old
+++ b/runtests.sh
@@ -276,6 +276,7 @@ do
case "$testscript" in
*hardlinks*) TESTRUN_TIMEOUT=600 ;;
+ *default-acls*) continue ;;
*) TESTRUN_TIMEOUT=300 ;;
esac

27
rsync-3.4.1-cve-2025-10158.patch
View File

@ -1,27 +0,0 @@
From 797e17fc4a6f15e3b1756538a9f812b63942686f Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <andrew@tridgell.net>
Date: Sat, 23 Aug 2025 17:26:53 +1000
Subject: [PATCH] fixed an invalid access to files array
this was found by Calum Hutton from Rapid7. It is a real bug, but
analysis shows it can't be leverged into an exploit. Worth fixing
though.
Many thanks to Calum and Rapid7 for finding and reporting this
---
sender.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sender.c b/sender.c
index a4d46c39e..b1588b701 100644
--- a/sender.c
+++ b/sender.c
@@ -262,6 +262,8 @@ void send_files(int f_in, int f_out)
if (ndx - cur_flist->ndx_start >= 0)
file = cur_flist->files[ndx - cur_flist->ndx_start];
+ else if (cur_flist->parent_ndx < 0)
+ exit_cleanup(RERR_PROTOCOL);
else
file = dir_flist->files[cur_flist->parent_ndx];
if (F_PATHNAME(file)) {

32
rsync-3.4.1-cve-2026-41035.patch
View File

@ -1,32 +0,0 @@
From 6aa7ee6ba1bd71b1b7bac7dbb351ed05c065e93d Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <andrew@tridgell.net>
Date: Wed, 22 Apr 2026 09:57:45 +1000
Subject: [PATCH] xattrs: fixed count in qsort
this fixes the count passed to the sort of the xattr list. This issue
was reported here:
https://www.openwall.com/lists/oss-security/2026/04/16/2
the bug is not exploitable due to the fork-per-connection design of
rsync, the attack is the equivalent of the user closing the socket
themselves.
---
xattrs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/xattrs.c b/xattrs.c
index 26e50a6f9..65166eed9 100644
--- a/xattrs.c
+++ b/xattrs.c
@@ -860,8 +860,8 @@ void receive_xattr(int f, struct file_struct *file)
rxa->num = num;
}
- if (need_sort && count > 1)
- qsort(temp_xattr.items, count, sizeof (rsync_xa), rsync_xal_compare_names);
+ if (need_sort && temp_xattr.count > 1)
+ qsort(temp_xattr.items, temp_xattr.count, sizeof (rsync_xa), rsync_xal_compare_names);
ndx = rsync_xal_store(&temp_xattr); /* adds item to rsync_xal_l */

15
rsync-3.4.1-ssh-askpass.patch
View File

@ -1,15 +0,0 @@
diff --git a/main.c b/main.c
index 7222a83..630ca03 100644
--- a/main.c
+++ b/main.c
@@ -1743,7 +1743,9 @@ int main(int argc,char *argv[])
our_gid = MY_GID();
am_root = our_uid == ROOT_UID;
- unset_env_var("DISPLAY");
+ // DISPLAY should only be cleared if SSH_ASKPASS is empty
+ if (!getenv("SSH_ASKPASS"))
+ unset_env_var("DISPLAY");
#if defined USE_OPENSSL && defined SET_OPENSSL_CONF
#define TO_STR2(x) #x

386
rsync-3.4.1-use-openat2.patch
View File

@ -1,386 +0,0 @@
From 4fa7156ccdb2ad34b034d18fe2fd6cd79adef8a1 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <andrew@tridgell.net>
Date: Thu, 30 Apr 2026 08:39:22 +1000
Subject: [PATCH] syscall: use openat2(RESOLVE_BENEATH) on Linux for
secure_relative_open
The CVE fix in commit c35e283 made secure_relative_open() walk every
component of relpath with O_NOFOLLOW. That blocks every symlink in the
path, which is stricter than the threat model required: legitimate
directory symlinks within the destination tree (e.g. when using -K /
--copy-dirlinks) are also rejected, breaking delta transfers with
"failed verification -- update discarded". See issue #715.
On Linux 5.6+, openat2(RESOLVE_BENEATH | RESOLVE_NO_MAGICLINKS) gives
us exactly what we want: the kernel rejects any resolution that would
escape the starting directory (via "..", absolute paths, or symlinks
pointing outside dirfd) while still following symlinks that resolve
within it. /proc magic-links are blocked too.
Use openat2 first; fall back to the existing per-component O_NOFOLLOW
walk on ENOSYS (kernel < 5.6). The lexical "../" checks at the head
of the function are kept as defense in depth. The Linux gate is
plain #ifdef __linux__: the runtime ENOSYS fallback covers the only
case that actually matters (header present + old kernel), and any
Linux build environment without linux/openat2.h will fail with a
clear "no such file" error rather than silently disabling the
protection.
Verified manually that openat2(RESOLVE_BENEATH) blocks all four
escape patterns (absolute symlink, ../ symlink, lexical .., absolute
path) while allowing direct and within-tree symlinks. The new
testsuite/symlink-dirlink-basis.test (taken from PR #864 by Samuel
Henrique) exercises the issue #715 regression and passes; full
make check passes 47/47.
Test: testsuite/symlink-dirlink-basis.test (8 scenarios)
Fixes: https://github.com/RsyncProject/rsync/issues/715
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
syscall.c | 62 ++++++-
testsuite/symlink-dirlink-basis.test | 247 +++++++++++++++++++++++++++
2 files changed, 304 insertions(+), 5 deletions(-)
create mode 100755 testsuite/symlink-dirlink-basis.test
diff --git a/syscall.c b/syscall.c
index ec0e0708a..66c6d29c7 100644
--- a/syscall.c
+++ b/syscall.c
@@ -33,6 +33,11 @@
#include <sys/syscall.h>
#endif
+#ifdef __linux__
+#include <sys/syscall.h>
+#include <linux/openat2.h>
+#endif
+
#include "ifuncs.h"
extern int dry_run;
@@ -720,12 +725,49 @@ int do_open_nofollow(const char *pathname, int flags)
/*
open a file relative to a base directory. The basedir can be NULL,
in which case the current working directory is used. The relpath
- must be a relative path, and the relpath must not contain any
- elements in the path which follow symlinks (ie. like O_NOFOLLOW, but
- applies to all path components, not just the last component)
-
- The relpath must also not contain any ../ elements in the path
+ must be a relative path. The kernel must guarantee that resolution
+ cannot escape basedir (or the cwd, when basedir is NULL): no ".."
+ jumps above the start, no symlinks pointing outside, no absolute
+ paths, no /proc magic-link tricks.
+
+ Symlinks *within* basedir are followed normally — earlier rsync
+ versions rejected every symlink with O_NOFOLLOW on each component,
+ which broke legitimate directory symlinks on the receiver side
+ (https://github.com/RsyncProject/rsync/issues/715). The escape
+ prevention is handled by the kernel via openat2(RESOLVE_BENEATH)
+ on Linux 5.6+; older systems fall back to the per-component
+ O_NOFOLLOW walk below.
+
+ The relpath must also not contain any ../ elements in the path.
*/
+
+#ifdef __linux__
+static int secure_relative_open_linux(const char *basedir, const char *relpath, int flags, mode_t mode)
+{
+ struct open_how how;
+ int dirfd, retfd;
+
+ memset(&how, 0, sizeof how);
+ how.flags = flags;
+ how.mode = mode;
+ how.resolve = RESOLVE_BENEATH | RESOLVE_NO_MAGICLINKS;
+
+ if (basedir == NULL) {
+ dirfd = AT_FDCWD;
+ } else {
+ dirfd = openat(AT_FDCWD, basedir, O_RDONLY | O_DIRECTORY);
+ if (dirfd == -1)
+ return -1;
+ }
+
+ retfd = syscall(SYS_openat2, dirfd, relpath, &how, sizeof how);
+
+ if (dirfd != AT_FDCWD)
+ close(dirfd);
+ return retfd;
+}
+#endif
+
int secure_relative_open(const char *basedir, const char *relpath, int flags, mode_t mode)
{
if (!relpath || relpath[0] == '/') {
@@ -739,6 +781,16 @@ int secure_relative_open(const char *basedir, const char *relpath, int flags, mo
return -1;
}
+#ifdef __linux__
+ {
+ int fd = secure_relative_open_linux(basedir, relpath, flags, mode);
+ /* ENOSYS = kernel < 5.6 doesn't have the syscall even though
+ * glibc/kernel-headers do; fall through to the portable path. */
+ if (fd != -1 || errno != ENOSYS)
+ return fd;
+ }
+#endif
+
#if !defined(O_NOFOLLOW) || !defined(O_DIRECTORY) || !defined(AT_FDCWD)
// really old system, all we can do is live with the risks
if (!basedir) {
diff --git a/testsuite/symlink-dirlink-basis.test b/testsuite/symlink-dirlink-basis.test
new file mode 100755
index 000000000..9065dd814
--- /dev/null
+++ b/testsuite/symlink-dirlink-basis.test
@@ -0,0 +1,247 @@
+#!/bin/sh
+
+# Test that updating a file through a directory symlink works when using
+# -K (--copy-dirlinks). This is a regression test for:
+# https://github.com/RsyncProject/rsync/issues/715
+#
+# The CVE fix in commit c35e283 introduced secure_relative_open() which
+# uses O_NOFOLLOW on all path components, breaking legitimate directory
+# symlinks on the receiver side. The fix splits the path into basedir
+# (dirname, symlinks followed) and basename (O_NOFOLLOW) so that
+# directory symlinks are traversed while the final file component is
+# still protected.
+#
+# The regression only manifests when delta matching is triggered (i.e.,
+# the sender finds matching blocks in the old file). Small files with
+# completely different content are transferred in full and don't trigger
+# the bug. We use a large file with a small modification to ensure
+# delta transfer is used.
+#
+# In addition to the original regression, this test covers edge cases
+# in the fix itself:
+# - --backup with directory symlinks (finish_transfer pointer identity)
+# - --partial-dir with protocol < 29 (fnamecmp != partialptr guard)
+# - --inplace with directory symlinks (updating_basis_or_equiv check)
+# - Files without a dirname (top-level files, no split needed)
+
+. "$suitedir/rsync.fns"
+
+RSYNC_RSH="$scratchdir/src/support/lsh.sh"
+export RSYNC_RSH
+
+# $HOME is set to $scratchdir by rsync.fns
+# localhost: destination will cd to $HOME (i.e., $scratchdir)
+
+# Helper: create a large file suitable for delta transfers.
+# ~32KB is large enough for rsync's block matching to find matches.
+make_testfile() {
+ dd if=/dev/urandom of="$1" bs=1024 count=32 2>/dev/null \
+ || test_fail "failed to create test file $1"
+}
+
+# Set up source tree
+srcbase="$tmpdir/src"
+
+######################################################################
+# Test 1: Basic directory symlink update (the original issue #715)
+######################################################################
+
+mkdir -p "$HOME/real-dir"
+ln -s real-dir "$HOME/dir"
+
+mkdir -p "$srcbase/dir"
+make_testfile "$srcbase/dir/file"
+
+# First transfer (initial): should create the file through the symlink
+(cd "$srcbase" && $RSYNC -KRlptv --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 1: initial transfer failed"
+
+if [ ! -f "$HOME/real-dir/file" ]; then
+ test_fail "test 1: initial transfer did not create file through symlink"
+fi
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 1: initial transfer content mismatch"
+
+# Small modification to trigger delta transfer
+echo "appended update" >> "$srcbase/dir/file"
+sleep 1
+touch "$srcbase/dir/file"
+
+# Second transfer (update): was failing with "failed verification"
+(cd "$srcbase" && $RSYNC -KRlptv --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 1: update through directory symlink failed"
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 1: update transfer content mismatch"
+
+######################################################################
+# Test 2: Compression (-z) as in the original reproducer
+######################################################################
+
+echo "another line" >> "$srcbase/dir/file"
+sleep 1
+touch "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptzv --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 2: compressed update through directory symlink failed"
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 2: compressed update content mismatch"
+
+######################################################################
+# Test 3: Nested directory symlinks (nested/sub/data.txt where
+# "nested" is a symlink to "nested_real")
+######################################################################
+
+mkdir -p "$HOME/nested_real/sub"
+ln -s nested_real "$HOME/nested"
+
+mkdir -p "$srcbase/nested/sub"
+make_testfile "$srcbase/nested/sub/data.txt"
+
+(cd "$srcbase" && $RSYNC -KRlptv --rsync-path="$RSYNC" nested/sub/data.txt localhost:) \
+ || test_fail "test 3: initial nested transfer failed"
+
+echo "appended nested" >> "$srcbase/nested/sub/data.txt"
+sleep 1
+touch "$srcbase/nested/sub/data.txt"
+
+(cd "$srcbase" && $RSYNC -KRlptv --rsync-path="$RSYNC" nested/sub/data.txt localhost:) \
+ || test_fail "test 3: update through nested directory symlink failed"
+
+diff "$srcbase/nested/sub/data.txt" "$HOME/nested_real/sub/data.txt" >/dev/null \
+ || test_fail "test 3: nested update content mismatch"
+
+######################################################################
+# Test 4: --backup with directory symlinks
+#
+# Exercises the finish_transfer() "fnamecmp == fname" pointer
+# comparison that determines whether to update fnamecmp to the
+# backup name. If broken, --backup would reference a renamed file
+# for xattr handling.
+######################################################################
+
+# Reset destination
+rm -f "$HOME/real-dir/file" "$HOME/real-dir/file~"
+
+make_testfile "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 4: initial transfer for backup test failed"
+
+echo "backup update" >> "$srcbase/dir/file"
+sleep 1
+touch "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --backup --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 4: update with --backup through directory symlink failed"
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 4: backup update content mismatch"
+
+if [ ! -f "$HOME/real-dir/file~" ]; then
+ test_fail "test 4: backup file was not created"
+fi
+
+######################################################################
+# Test 5: --inplace with directory symlinks
+#
+# Exercises the updating_basis_or_equiv check which uses
+# "fnamecmp == fname". With --inplace, rsync writes directly to
+# the destination file instead of a temp file.
+######################################################################
+
+rm -f "$HOME/real-dir/file" "$HOME/real-dir/file~"
+
+make_testfile "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --inplace --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 5: initial inplace transfer failed"
+
+echo "inplace update" >> "$srcbase/dir/file"
+sleep 1
+touch "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --inplace --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 5: inplace update through directory symlink failed"
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 5: inplace update content mismatch"
+
+######################################################################
+# Test 6: Top-level file (no dirname, no split needed)
+#
+# Ensures the dirname/basename split is not attempted for files
+# at the top level (file->dirname is NULL).
+######################################################################
+
+make_testfile "$srcbase/topfile"
+mkdir -p "$HOME"
+
+(cd "$srcbase" && $RSYNC -Rlptv --rsync-path="$RSYNC" topfile localhost:) \
+ || test_fail "test 6: initial top-level transfer failed"
+
+echo "toplevel update" >> "$srcbase/topfile"
+sleep 1
+touch "$srcbase/topfile"
+
+(cd "$srcbase" && $RSYNC -Rlptv --rsync-path="$RSYNC" topfile localhost:) \
+ || test_fail "test 6: top-level update failed"
+
+diff "$srcbase/topfile" "$HOME/topfile" >/dev/null \
+ || test_fail "test 6: top-level update content mismatch"
+
+######################################################################
+# Test 7: --partial-dir with protocol < 29
+#
+# For protocol < 29, fnamecmp_type stays FNAMECMP_FNAME even when
+# fnamecmp is set to partialptr. The dirname/basename split must
+# NOT trigger in this case (guarded by "fnamecmp == fname").
+######################################################################
+
+rm -f "$HOME/real-dir/file"
+make_testfile "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --protocol=28 --partial-dir=.rsync-partial \
+ --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 7: initial proto28 partial-dir transfer failed"
+
+echo "partial-dir update" >> "$srcbase/dir/file"
+sleep 1
+touch "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --protocol=28 --partial-dir=.rsync-partial \
+ --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 7: proto28 partial-dir update through dirlink failed"
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 7: proto28 partial-dir update content mismatch"
+
+######################################################################
+# Test 8: Protocol < 29 basic directory symlink update
+#
+# Exercises the protocol < 29 code path and its fallback logic
+# (clearing basedir on retry).
+######################################################################
+
+rm -f "$HOME/real-dir/file"
+make_testfile "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --protocol=28 \
+ --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 8: initial proto28 transfer failed"
+
+echo "proto28 update" >> "$srcbase/dir/file"
+sleep 1
+touch "$srcbase/dir/file"
+
+(cd "$srcbase" && $RSYNC -KRlptv --protocol=28 \
+ --rsync-path="$RSYNC" dir/file localhost:) \
+ || test_fail "test 8: proto28 update through directory symlink failed"
+
+diff "$srcbase/dir/file" "$HOME/real-dir/file" >/dev/null \
+ || test_fail "test 8: proto28 update content mismatch"
+
+# The script would have aborted on error, so getting here means we've won.
+exit 0

23
rsync-3.4.4-fix-cve-2026-49618-regression.patch Normal file
View File

@ -0,0 +1,23 @@
diff --git a/token.c b/token.c
index f910f74..cafc379 100644
--- a/token.c
+++ b/token.c
@@ -292,14 +292,10 @@ static int32 simple_recv_token(int f, char **data)
int32 i = read_int(f);
if (i <= 0)
return i;
- /* simple_send_token caps each literal chunk at CHUNK_SIZE;
- * reject anything larger so a hostile peer cannot drive the
- * read_buf below past our static CHUNK_SIZE buffer. */
- if (i > CHUNK_SIZE) {
- rprintf(FERROR, "invalid uncompressed token length %ld [%s]\n",
- (long)i, who_am_i());
- exit_cleanup(RERR_PROTOCOL);
- }
+ /* A literal run may exceed CHUNK_SIZE: some peers (e.g. the
+ * acrosync library) use a 64k block size. The loop below reads
+ * the run CHUNK_SIZE bytes at a time, so read_buf never writes
+ * past the static CHUNK_SIZE buffer regardless of i. */
residue = i;
}

10
rsync-man.patch
View File

@ -1,10 +0,0 @@
--- rsync-3.0.9/rsync.1 2011-09-23 18:42:26.000000000 +0200
+++ rsync-3.0.9/rsync.1 2012-09-19 10:40:19.698802861 +0200
@@ -445,6 +445,7 @@
\-o, \-\-owner preserve owner (super\-user only)
\-g, \-\-group preserve group
\-\-devices preserve device files (super\-user only)
+ \-\-copy-devices copy device contents as regular file
\-\-specials preserve special files
\-D same as \-\-devices \-\-specials
\-t, \-\-times preserve modification times

147
rsync-noatime.patch
View File

@ -1,147 +0,0 @@
Optionally preserve atimes.
Based on https://bugzilla.samba.org/show_bug.cgi?id=7249#c1 by Nicolas George.
Index: rsync-3.1.0/options.c
===================================================================
--- rsync-3.1.0.orig/options.c
+++ rsync-3.1.0/options.c
@@ -125,6 +125,7 @@ int delay_updates = 0;
long block_size = 0; /* "long" because popt can't set an int32. */
char *skip_compress = NULL;
item_list dparam_list = EMPTY_ITEM_LIST;
+int noatime = 0;
/** Network address family. **/
int default_af_hint
@@ -802,6 +803,7 @@ void usage(enum logcode F)
rprintf(F," --iconv=CONVERT_SPEC request charset conversion of filenames\n");
#endif
rprintf(F," --checksum-seed=NUM set block/file checksum seed (advanced)\n");
+ rprintf(F," --noatime do not alter atime when opening source files\n");
rprintf(F," -4, --ipv4 prefer IPv4\n");
rprintf(F," -6, --ipv6 prefer IPv6\n");
rprintf(F," --version print version number\n");
@@ -1019,6 +1021,7 @@ static struct poptOption long_options[]
{"iconv", 0, POPT_ARG_STRING, &iconv_opt, 0, 0, 0 },
{"no-iconv", 0, POPT_ARG_NONE, 0, OPT_NO_ICONV, 0, 0 },
#endif
+ {"noatime", 0, POPT_ARG_VAL, &noatime, 1, 0, 0 },
{"ipv4", '4', POPT_ARG_VAL, &default_af_hint, AF_INET, 0, 0 },
{"ipv6", '6', POPT_ARG_VAL, &default_af_hint, AF_INET6, 0, 0 },
{"8-bit-output", '8', POPT_ARG_VAL, &allow_8bit_chars, 1, 0, 0 },
@@ -2739,6 +2742,12 @@ void server_options(char **args, int *ar
if (preallocate_files && am_sender)
args[ac++] = "--preallocate";
+ /*
+ * Do we want remote atime preservation when we preserve local ones?
+ if (noatime)
+ args[ac++] = "--noatime";
+ */
+
if (ac > MAX_SERVER_ARGS) { /* Not possible... */
rprintf(FERROR, "argc overflow in server_options().\n");
exit_cleanup(RERR_MALLOC);
Index: rsync-3.1.0/rsync.yo
===================================================================
--- rsync-3.1.0.orig/rsync.yo
+++ rsync-3.1.0/rsync.yo
@@ -454,6 +454,7 @@ to the detailed description below for a
--protocol=NUM force an older protocol version to be used
--iconv=CONVERT_SPEC request charset conversion of filenames
--checksum-seed=NUM set block/file checksum seed (advanced)
+ --noatime do not alter atime when opening source files
-4, --ipv4 prefer IPv4
-6, --ipv6 prefer IPv6
--version print version number
@@ -2543,6 +2544,13 @@ daemon uses the charset specified in its
regardless of the remote charset you actually pass. Thus, you may feel free to
specify just the local charset for a daemon transfer (e.g. bf(--iconv=utf8)).
+dit(bf(--noatime)) Use the O_NOATIME open flag on systems that support it.
+The effect of this flag is to avoid altering the access time (atime) of the
+opened files.
+If the system does not support the O_NOATIME flag, this option does nothing.
+Currently, systems known to support O_NOATIME are Linux >= 2.6.8 with glibc
+>= 2.3.4.
+
dit(bf(-4, --ipv4) or bf(-6, --ipv6)) Tells rsync to prefer IPv4/IPv6
when creating sockets. This only affects sockets that rsync has direct
control over, such as the outgoing socket when directly contacting an
diff --git a/syscall.c b/syscall.c
index c46a8b4..6620563 100644
--- a/syscall.c
+++ b/syscall.c
@@ -42,6 +42,7 @@ extern int inplace;
extern int preallocate_files;
extern int preserve_perms;
extern int preserve_executability;
+extern int noatime;
#ifndef S_BLKSIZE
# if defined hpux || defined __hpux__ || defined __hpux
@@ -189,6 +190,10 @@ int do_open(const char *pathname, int fl
RETURN_ERROR_IF(dry_run, 0);
RETURN_ERROR_IF_RO_OR_LO;
}
+#ifdef O_NOATIME
+ if (noatime)
+ flags |= O_NOATIME;
+#endif
return open(pathname, flags | O_BINARY, mode);
}
Index: rsync/tls.c
===================================================================
--- rsync.orig/tls.c
+++ rsync/tls.c
@@ -53,6 +53,7 @@ int preserve_perms = 0;
int preserve_executability = 0;
int preallocate_files = 0;
int inplace = 0;
+int noatime = 0;
#ifdef SUPPORT_XATTRS
Index: rsync/t_unsafe.c
===================================================================
--- rsync.orig/t_unsafe.c
+++ rsync/t_unsafe.c
@@ -33,6 +33,10 @@ int preserve_perms = 0;
int preserve_executability = 0;
short info_levels[COUNT_INFO], debug_levels[COUNT_DEBUG];
+/* This is to make syscall.o shut up. */
+int noatime = 0;
+
+
int
main(int argc, char **argv)
{
Index: rsync/wildtest.c
===================================================================
--- rsync.orig/wildtest.c
+++ rsync/wildtest.c
@@ -32,6 +32,9 @@ int fnmatch_errors = 0;
int wildmatch_errors = 0;
+/* This is to make syscall.o shut up. */
+int noatime = 0;
+
typedef char bool;
int output_iterations = 0;
Index: rsync/trimslash.c
===================================================================
--- rsync.orig/trimslash.c
+++ rsync/trimslash.c
@@ -30,6 +30,7 @@ int preserve_perms = 0;
int preserve_executability = 0;
int preallocate_files = 0;
int inplace = 0;
+int noatime = 0;
int
main(int argc, char **argv)

47
rsync.spec
View File

@ -1,19 +1,12 @@
%global _hardened_build 1
%define isprerelease 0
%if %isprerelease
%define prerelease pre3
%endif
Summary: A program for synchronizing files over a network
Name: rsync
Version: 3.4.1
Release: 6%{?prerelease}%{?dist}
Version: 3.4.4
Release: 1%{?dist}
URL: https://rsync.samba.org/
Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
Source1: https://download.samba.org/pub/rsync/src/rsync-patches-%{version}%{?prerelease}.tar.gz
Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}.tar.gz
Source2: rsyncd.socket
Source3: rsyncd.service
Source4: rsyncd.conf
@ -31,6 +24,8 @@ BuildRequires: systemd
BuildRequires: lz4-devel
BuildRequires: openssl-devel
BuildRequires: libzstd-devel
BuildRequires: git-core
BuildRequires: %{__python3}
%if ! 0%{?rhel} >= 10
BuildRequires: xxhash-devel
%endif
@ -42,14 +37,10 @@ Provides: bundled(zlib) = 1.2.8
#mentioned here as well.
License: GPL-3.0-or-later
Patch1: rsync-3.2.2-runtests.patch
# creating rrsync.1.md would require commonmark, we copy it instead
Patch2: rsync-3.4.1-rrsync-man.patch
Patch3: rsync-3.4.1-ssh-askpass.patch
Patch4: rsync-3.4.1-cve-2025-10158.patch
Patch5: rsync-3.4.1-cve-2026-41035.patch
# https://github.com/RsyncProject/rsync/commit/4fa7156ccdb2ad34b034d18fe2fd6cd79adef8a1
Patch6: rsync-3.4.1-use-openat2.patch
Patch1: rsync-3.4.1-rrsync-man.patch
# https://github.com/RsyncProject/rsync/commit/11e3e239
Patch2: rsync-3.4.4-fix-cve-2026-49618-regression.patch
%description
Rsync uses a reliable algorithm to bring remote and host files into
@ -79,22 +70,7 @@ This subpackage provides rrsync script and its manpage. rrsync
may be used to setup a restricted rsync users via ssh logins.
%prep
# TAG: for pre versions use
%if %isprerelease
%setup -q -n rsync-%{version}%{?prerelease}
%setup -q -b 1 -n rsync-%{version}%{?prerelease}
%else
%setup -q
%setup -q -b 1
%endif
%patch 1 -p1 -b .runtests
%patch 2 -p1 -b .rrsync
%patch 3 -p1 -b .ssh-askpass
%patch 4 -p1 -b .cve-2025-10158
%patch 5 -p1 -b .cve-2026-41035
%patch 6 -p1 -b .use-openat2
%autosetup -S git
%build
%configure \
@ -152,6 +128,11 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
%systemd_postun_with_restart rsyncd.service
%changelog
* Mon Jun 22 2026 Michal Ruprich <mruprich@redhat.com> - 3.4.4-1
- Resolves: RHEL-186589 - Rebase rsync to version 3.4.4
- Resolves: RHEL-174931 - TOCTOU symlink race condition (CVE-2026-29518)
- Resolves: RHEL-174947 - Memory disclosure via int overflow (CVE-2026-43618)
* Tue May 12 2026 Michal Ruprich <mruprich@redhat.com> - 3.4.1-6
- Resolves: RHEL-172276 - Fix regression introduced with CVE-2024-12086 fix

3
sources
View File

@ -1,2 +1 @@
SHA512 (rsync-3.4.1.tar.gz) = a3ecde4843ddb795308dca88581b868ac0221eb6f88a1477d7a9a2ecb4e4686042966bdddbab40866f90a4715d3104daa7b83222ddf0f3387b796a86bde8e5c2
SHA512 (rsync-patches-3.4.1.tar.gz) = 0a2439f43e53cef028e5c0a25bd20fd308e6094af36e6d1109e9b5149035ce9c650d4cac7e7523671b4c3e8d6d6c68e40445dd0d8ae9adbc19771aba0831ed33
SHA512 (rsync-3.4.4.tar.gz) = cf9a838b1f019b70fd67fa2c293f267be3f24e579c2ea33177ec7afc502c97ce0b613ff0854088c0eb28acd14ee0a75706ae8445115cef4669bd586c505d8453