-
rsync (3.2.7-0ubuntu0.22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary file write via malicious remote servers
- Updated to 3.2.7 to fix security issue and multiple regressions
caused by the original security fixes.
- debian/patches: Added two additional upstream patches:
+ trust_the_sender_on_a_local_transfer.patch
+ avoid_quoting_of_tilde_when_its_a_destination_arg.patch
- Removed patches no longer needed with 3.2.7:
+ CVE-2020-14387.patch, fix_ftcbfs_configure.patch,
fix_delay_updates.patch, copy-devices.diff,
workaround_glibc_lchmod_regression.patch,
manpage_upstream_fixes.patch, fix_mkpath.patch,
fix_sparse_inplace.patch, update_rrsync_options.patch,
fix_rsync-ssl_RSYNC_SSL_CERT_feature.patch,
avoid_spurious_is_newer_messages_with_update.patch.
- debian/control, debian/rules, debian/rsync.install,
debian/rsync.links: ship new python-based rrsync.
- debian/rsync.install: cull_options has been renamed to cull-options.
- CVE-2022-29154
-- Marc Deslauriers <email address hidden> Mon, 27 Feb 2023 14:36:14 -0500
-
rsync (3.2.3-8ubuntu3.1) jammy; urgency=medium
* d/p/avoid_spurious_is_newer_messages_with_update.patch: New patch from
upstream (LP: #1965076)
-- Simon Deziel <email address hidden> Tue, 11 Oct 2022 22:37:36 +0000
-
rsync (3.2.3-8ubuntu3) jammy; urgency=high
* No change rebuild for ppc64el baseline bump.
-- Julian Andres Klode <email address hidden> Fri, 25 Mar 2022 10:51:06 +0100
-
rsync (3.2.3-8ubuntu2) jammy; urgency=medium
* No-change rebuild against openssl3
-- Simon Chopin <email address hidden> Wed, 24 Nov 2021 14:01:07 +0000
-
rsync (3.2.3-8ubuntu1) jammy; urgency=medium
* Merge with Debian unstable. Remaining changes:
- debian/rules: add --disable-asm configure flag. The only asm
implementation is available for md5 on x86_64, however it is no-op,
because we built with OpenSSL which has optimized md5
implementation. Furthermore, linking noop md5 asm on x86_64 results in
rsync binary not getting marked as CET compatible, because the noop
md5 asm is not marked as CET compatible. Thus building without noop
md5 asm, results in rsync gaining CET.
-- Bryce Harrington <email address hidden> Mon, 01 Nov 2021 16:05:43 -0700
-
rsync (3.2.3-4ubuntu2) impish; urgency=medium
* No-change rebuild to build packages with zstd compression.
-- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:23:58 +0200
-
rsync (3.2.3-4ubuntu1) impish; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/rules: add --disable-asm configure flag. The only asm
implementation is available for md5 on x86_64, however it is no-op,
because we built with OpenSSL which has optimized md5
implementation. Furthermore, linking noop md5 asm on x86_64 results in
rsync binary not getting marked as CET compatible, because the noop
md5 asm is not marked as CET compatible. Thus building without noop
md5 asm, results in rsync gaining CET.
rsync (3.2.3-4) unstable; urgency=medium
[ Helmut Grohne ]
* d/p/fix_ftcbfs_configure.patch: New patch to fix FTCBFS (closes: #971285)
[ Samuel Henrique ]
* Bump Standards-Version to 4.5.1
-- Julian Andres Klode <email address hidden> Mon, 10 May 2021 11:27:26 +0200
