import rsync-3.2.3-18.el9
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
1ba4001a51
commit
64e07f7fd3
48
SOURCES/rsync-3.2.3-atimes.patch
Normal file
48
SOURCES/rsync-3.2.3-atimes.patch
Normal file
@ -0,0 +1,48 @@
|
||||
diff --git a/rsync.c b/rsync.c
|
||||
index bcecac63..ff9489be 100644
|
||||
--- a/rsync.c
|
||||
+++ b/rsync.c
|
||||
@@ -63,8 +63,7 @@ extern char *iconv_opt;
|
||||
#define UPDATED_ATIME (1<<3)
|
||||
#define UPDATED_ACLS (1<<4)
|
||||
#define UPDATED_MODE (1<<5)
|
||||
-
|
||||
-#define UPDATED_TIMES (UPDATED_MTIME|UPDATED_ATIME)
|
||||
+#define UPDATED_CRTIME (1<<6)
|
||||
|
||||
#ifdef ICONV_CONST
|
||||
iconv_t ic_chck = (iconv_t)-1;
|
||||
@@ -576,10 +575,11 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
|
||||
set_xattr(fname, file, fnamecmp, sxp);
|
||||
#endif
|
||||
|
||||
- if (!preserve_times
|
||||
- || (!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode))
|
||||
- || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode)))
|
||||
- flags |= ATTRS_SKIP_MTIME | ATTRS_SKIP_ATIME;
|
||||
+ if (!preserve_times)
|
||||
+ flags |= ATTRS_SKIP_MTIME | (atimes_ndx ? 0 : ATTRS_SKIP_ATIME) | (crtimes_ndx ? 0 : ATTRS_SKIP_CRTIME);
|
||||
+ else if ((!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode))
|
||||
+ || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode)))
|
||||
+ flags |= ATTRS_SKIP_MTIME | ATTRS_SKIP_ATIME | ATTRS_SKIP_CRTIME;
|
||||
else if (sxp != &sx2)
|
||||
memcpy(&sx2.st, &sxp->st, sizeof (sx2.st));
|
||||
if (!atimes_ndx || S_ISDIR(sxp->st.st_mode))
|
||||
@@ -606,7 +606,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
|
||||
updated |= UPDATED_ATIME;
|
||||
}
|
||||
}
|
||||
- if (updated & UPDATED_TIMES) {
|
||||
+ if (updated & (UPDATED_MTIME|UPDATED_ATIME)) {
|
||||
int ret = set_times(fname, &sx2.st);
|
||||
if (ret < 0) {
|
||||
rsyserr(FERROR_XFER, errno, "failed to set times on %s",
|
||||
@@ -614,7 +614,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
|
||||
goto cleanup;
|
||||
}
|
||||
if (ret > 0) { /* ret == 1 if symlink could not be set */
|
||||
- updated &= ~UPDATED_TIMES;
|
||||
+ updated &= ~(UPDATED_MTIME|UPDATED_ATIME);
|
||||
file->flags |= FLAG_TIME_FAILED;
|
||||
}
|
||||
}
|
||||
16
SOURCES/rsync-3.2.3-cve-2022-37434.patch
Normal file
16
SOURCES/rsync-3.2.3-cve-2022-37434.patch
Normal file
@ -0,0 +1,16 @@
|
||||
diff --git a/zlib/inflate.c b/zlib/inflate.c
|
||||
index e43abd9..bd33c19 100644
|
||||
--- a/zlib/inflate.c
|
||||
+++ b/zlib/inflate.c
|
||||
@@ -740,8 +740,9 @@ int flush;
|
||||
if (copy > have) copy = have;
|
||||
if (copy) {
|
||||
if (state->head != Z_NULL &&
|
||||
- state->head->extra != Z_NULL) {
|
||||
- len = state->head->extra_len - state->length;
|
||||
+ state->head->extra != Z_NULL &&
|
||||
+ (len = state->head->extra_len - state->length) <
|
||||
+ state->head->extra_max) {
|
||||
zmemcpy(state->head->extra + len, next,
|
||||
len + copy > state->head->extra_max ?
|
||||
state->head->extra_max - len : copy);
|
||||
24
SOURCES/rsync-3.2.3-segfault.patch
Normal file
24
SOURCES/rsync-3.2.3-segfault.patch
Normal file
@ -0,0 +1,24 @@
|
||||
From f5a9a1013873580d0ad2ae4f5c5038c324d71bfe Mon Sep 17 00:00:00 2001
|
||||
From: Wayne Davison <wayne@opencoder.net>
|
||||
Date: Mon, 21 Feb 2022 14:19:31 -0800
|
||||
Subject: [PATCH] Fix possible array deref using invalid index.
|
||||
|
||||
---
|
||||
copy-devices.diff | 6 +++---
|
||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/patches/copy-devices.diff b/patches/copy-devices.diff
|
||||
index 797d046..4138474 100644
|
||||
--- a/patches/copy-devices.diff
|
||||
+++ b/patches/copy-devices.diff
|
||||
@@ -111,8 +111,8 @@ diff --git a/rsync.c b/rsync.c
|
||||
if (iflags & ITEM_TRANSFER) {
|
||||
int i = ndx - cur_flist->ndx_start;
|
||||
- if (i < 0 || !S_ISREG(cur_flist->files[i]->mode)) {
|
||||
-+ struct file_struct *file = cur_flist->files[i];
|
||||
-+ if (i < 0 || !(S_ISREG(file->mode) || (copy_devices && IS_DEVICE(file->mode)))) {
|
||||
++ if (i < 0
|
||||
++ || !(S_ISREG(cur_flist->files[i]->mode) || (copy_devices && IS_DEVICE(cur_flist->files[i]->mode)))) {
|
||||
rprintf(FERROR,
|
||||
"received request to transfer non-regular file: %d [%s]\n",
|
||||
ndx, who_am_i());
|
||||
38
SOURCES/rsync-3.2.3-xattr.patch
Normal file
38
SOURCES/rsync-3.2.3-xattr.patch
Normal file
@ -0,0 +1,38 @@
|
||||
diff --git a/xattrs.c b/xattrs.c
|
||||
index 508649c0..3c549192 100644
|
||||
--- a/xattrs.c
|
||||
+++ b/xattrs.c
|
||||
@@ -1055,7 +1055,7 @@ int set_xattr(const char *fname, const struct file_struct *file, const char *fna
|
||||
{
|
||||
rsync_xa_list *glst = rsync_xal_l.items;
|
||||
item_list *lst;
|
||||
- int ndx;
|
||||
+ int ndx, added_write_perm = 0;
|
||||
|
||||
if (dry_run)
|
||||
return 1; /* FIXME: --dry-run needs to compute this value */
|
||||
@@ -1084,10 +1084,23 @@ int set_xattr(const char *fname, const struct file_struct *file, const char *fna
|
||||
}
|
||||
#endif
|
||||
|
||||
+ /* If the target file lacks write permission, we try to add it
|
||||
+ * temporarily so we can change the extended attributes. */
|
||||
+ if (!am_root
|
||||
+#ifdef SUPPORT_LINKS
|
||||
+ && !S_ISLNK(sxp->st.st_mode)
|
||||
+#endif
|
||||
+ && access(fname, W_OK) < 0
|
||||
+ && do_chmod(fname, (sxp->st.st_mode & CHMOD_BITS) | S_IWUSR) == 0)
|
||||
+ added_write_perm = 1;
|
||||
+
|
||||
ndx = F_XATTR(file);
|
||||
glst += ndx;
|
||||
lst = &glst->xa_items;
|
||||
- return rsync_xal_set(fname, lst, fnamecmp, sxp);
|
||||
+ int return_value = rsync_xal_set(fname, lst, fnamecmp, sxp);
|
||||
+ if (added_write_perm) /* remove the temporary write permission */
|
||||
+ do_chmod(fname, sxp->st.st_mode);
|
||||
+ return return_value;
|
||||
}
|
||||
|
||||
#ifdef SUPPORT_ACLS
|
||||
@ -10,7 +10,7 @@
|
||||
Summary: A program for synchronizing files over a network
|
||||
Name: rsync
|
||||
Version: 3.2.3
|
||||
Release: 9%{?dist}.2
|
||||
Release: 18%{?dist}
|
||||
URL: https://rsync.samba.org/
|
||||
|
||||
Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
|
||||
@ -35,8 +35,12 @@ Patch0: rsync-3.2.2-ssl-verify-hostname.patch
|
||||
Patch1: rsync-3.2.2-runtests.patch
|
||||
Patch2: rsync-3.2.3-lchmod.patch
|
||||
Patch3: rsync-3.2.3-append-mode.patch
|
||||
Patch4: rsync-3.2.3-cve-2018-25032.patch
|
||||
Patch5: rsync-3.2.3-cve-2022-29154.patch
|
||||
Patch4: rsync-3.2.3-xattr.patch
|
||||
Patch5: rsync-3.2.3-segfault.patch
|
||||
Patch6: rsync-3.2.3-atimes.patch
|
||||
Patch7: rsync-3.1.3-cve-2018-25032.patch
|
||||
Patch8: rsync-3.2.3-cve-2022-37434.patch
|
||||
Patch9: rsync-3.2.3-cve-2022-29154.patch
|
||||
|
||||
%description
|
||||
Rsync uses a reliable algorithm to bring remote and host files into
|
||||
@ -74,8 +78,12 @@ patch -p1 -i patches/copy-devices.diff
|
||||
%patch1 -p1 -b .runtests
|
||||
%patch2 -p1 -b .lchmod
|
||||
%patch3 -p1 -b .append-mode
|
||||
%patch4 -p1 -b .cve-2018-25032
|
||||
%patch5 -p1 -b .cve-2022-29154
|
||||
%patch4 -p1 -b .xattr
|
||||
%patch5 -p1 -b .segfault
|
||||
%patch6 -p1 -b .atimes
|
||||
%patch7 -p1 -b .cve-2018-25032
|
||||
%patch8 -p1 -b .cve-2022-37434
|
||||
%patch9 -p1 -b .cve-2022-29154
|
||||
|
||||
%build
|
||||
%configure --disable-xxhash
|
||||
@ -122,11 +130,32 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
|
||||
%systemd_postun_with_restart rsyncd.service
|
||||
|
||||
%changelog
|
||||
* Mon Aug 15 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-9.2
|
||||
- Resolves: #2111176 - remote arbitrary files write inside the directories of connecting peers
|
||||
* Thu Aug 25 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-18
|
||||
- Resolves: #2111177 - remote arbitrary files write inside the directories of connecting peers
|
||||
|
||||
* Thu Apr 21 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-9.1
|
||||
- Resolves: #2074784 - A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs
|
||||
* Thu Aug 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-17
|
||||
- Resolves: #2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field
|
||||
|
||||
* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-16
|
||||
- Related: #2081296 - Adding ci.fmf for separation of testing results
|
||||
|
||||
* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-15
|
||||
- Related: #2081296 - Disabling STI
|
||||
|
||||
* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-14
|
||||
- Resolves: #2071514 - A flaw found in zlib when compressing (not decompressing) certain inputs
|
||||
|
||||
* Wed May 11 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-13
|
||||
- Resolves: #2079639 - rsync --atimes doesn't work
|
||||
|
||||
* Tue May 03 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-12
|
||||
- Resolves: #2081296 - Enable fmf tests in centos stream
|
||||
|
||||
* Tue Apr 26 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-11
|
||||
- Resolves: #2053198 - rsync segmentation fault
|
||||
|
||||
* Fri Apr 22 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-10
|
||||
- Resolves: #2077431 - Read-only files that have changed xattrs fail to allow xattr changes
|
||||
|
||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-9
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
|
||||
Loading…
Reference in New Issue
Block a user