rsync-3.1.2-12.0.2.el7.AXS7
エラータID: AXSA:2025-9624:03
Release date:
Tuesday, February 4, 2025 - 18:04
Subject:
rsync-3.1.2-12.0.2.el7.AXS7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
Rsync uses a reliable algorithm to bring remote and host files into sync very
quickly. Rsync is fast because it just sends the differences in the files over
the network instead of sending the complete files. Rsync is often used as a very
powerful mirroring process or just as a more capable replacement for the rcp
command. A technical report which describes the rsync algorithm is included in
this package.
Security Fix(es):
* CVE-2024-12085: fix to prevent information leak off the stack
CVE(s):
CVE-2024-12085
Solution:
Update packages.
CVEs:
CVE-2024-12085
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Additional Info:
N/A
Download:
SRPMS
- rsync-3.1.2-12.0.2.el7.AXS7.src.rpm not found
Asianux Server 7 for x86_64
- rsync-3.1.2-12.0.2.el7.AXS7.x86_64.rpm
MD5: 90c562b3b0986ba2d253360684c9d684
SHA-256: d4dc1fee6f2b562db255c8865c13ce6928c2597786faf3584d83d941cc030391
Size: 407.75 kB
日本語