rsync-3.1.3-24.el8_10

エラータID: AXSA:2026-406:02

Release date: 
Monday, April 6, 2026 - 16:46
Subject: 
rsync-3.1.3-24.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

Security Fix(es):

* rsync: Rsync: Out of bounds array access via negative index (CVE-2025-10158)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-10158
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.

Solution: 

Update packages.

CVEs: 
CVE-2025-10158
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.
Additional Info: 

N/A

Download: 

SRPMS
  1. rsync-3.1.3-24.el8_10.src.rpm
    MD5: 6e00f849e73297b9e9638e06cca48bc1
    SHA-256: a4cb2447e23907b62291cbd0658a953a2916bf1a6384348063fa6b27731a5d2f
    Size: 1.10 MB

Asianux Server 8 for x86_64
  1. rsync-3.1.3-24.el8_10.x86_64.rpm
    MD5: 4244f667a67f7774b2f309caaad665d1
    SHA-256: d0e9fd955517160bca0a7f1fe2a4b8ec6066a230a42ae9a01346f7fd2b219b48
    Size: 411.39 kB
  2. rsync-daemon-3.1.3-24.el8_10.noarch.rpm
    MD5: f38a507d02582fef718a3822618c4288
    SHA-256: 08f966b03b96b52f1058c874b25061dbebe58d48ad0949bfd76e6e6efd2ca6e1
    Size: 44.03 kB