[ALSA-2025:2600] Moderate: rsync security update
Type:
security
Severity:
moderate
Release date:
2025-03-17
Description:
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fix(es): * rsync: Path traversal vulnerability in rsync (CVE-2024-12087) * rsync: --safe-links option bypass leads to path traversal (CVE-2024-12088) * rsync: Race Condition in rsync Handling Symbolic Links (CVE-2024-12747) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 rsync-3.1.3-21.el8_10.aarch64.rpm 3692610600006dc61633caceda0c18b983e8fad3d524885a90ed253148d51cec
noarch rsync-daemon-3.1.3-21.el8_10.noarch.rpm 2ca3958da407abb322c176be1bbd8eb194b5a2486cdc8272998646e9d5b28f12
ppc64le rsync-3.1.3-21.el8_10.ppc64le.rpm d506c082a69cfd775712d9ddc9199acf65da7b20bef160cd9a9fa1b0e2352f88
s390x rsync-3.1.3-21.el8_10.s390x.rpm 165ff91532a59341f2c3c959ace003554ace09c43124458982c77228d0b7bd30
x86_64 rsync-3.1.3-21.el8_10.x86_64.rpm d03fa5086bf30f3cb919cc50f66c07ca132bc42821e184a028c90d6ecbb6bf7b
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.