diff --git a/backport-A-fix-for-the-zlib-fix.patch b/backport-A-fix-for-the-zlib-fix.patch deleted file mode 100644 index bc25324..0000000 --- a/backport-A-fix-for-the-zlib-fix.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 9e2921fce8c518e370c324407d35bc83ba12f2d5 Mon Sep 17 00:00:00 2001 -From: Wayne Davison -Date: Mon, 8 Aug 2022 20:05:10 -0700 -Subject: [PATCH] A fix for the zlib fix. - ---- - zlib/inflate.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/zlib/inflate.c b/zlib/inflate.c -index d15132ea..e9840b67 100644 ---- a/zlib/inflate.c -+++ b/zlib/inflate.c -@@ -739,10 +739,10 @@ int flush; - copy = state->length; - if (copy > have) copy = have; - if (copy) { -- len = state->head->extra_len - state->length; - if (state->head != Z_NULL && - state->head->extra != Z_NULL && -- len < state->head->extra_max) { -+ (len = state->head->extra_len - state->length) < -+ state->head->extra_max) { - zmemcpy(state->head->extra + len, next, - len + copy > state->head->extra_max ? - state->head->extra_max - len : copy); diff --git a/backport-CVE-2020-14387-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch b/backport-CVE-2020-14387-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch deleted file mode 100644 index ad06726..0000000 --- a/backport-CVE-2020-14387-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch +++ /dev/null 
@@ -1,23 +0,0 @@ -From c3f7414c450faaf6a8281cc4a4403529aeb7d859 Mon Sep 17 00:00:00 2001 -From: Matt McCutchen -Date: Wed, 26 Aug 2020 12:16:08 -0400 -Subject: [PATCH] rsync-ssl: Verify the hostname in the certificate when using - openssl. - ---- - rsync-ssl | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/rsync-ssl b/rsync-ssl -index 8101975a..46701af1 100755 ---- a/rsync-ssl -+++ b/rsync-ssl -@@ -129,7 +129,7 @@ function rsync_ssl_helper { - fi - - if [[ $RSYNC_SSL_TYPE == openssl ]]; then -- exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port -+ exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port - elif [[ $RSYNC_SSL_TYPE == gnutls ]]; then - exec $RSYNC_SSL_GNUTLS --logfile=/dev/null $gnutls_cert_opt $gnutls_opts $hostname:$port - else diff --git a/backport-CVE-2022-29154.patch b/backport-CVE-2022-29154.patch deleted file mode 100644 index 80935de..0000000 --- a/backport-CVE-2022-29154.patch +++ /dev/null 
@@ -1,116 +0,0 @@ -From b7231c7d02cfb65d291af74ff66e7d8c507ee871 Mon Sep 17 00:00:00 2001 -From: Wayne Davison -Date: Sun, 31 Jul 2022 16:55:34 -0700 -Subject: [PATCH] Some extra file-list safety checks. - -Conflict:don't apply add_implied_include(),adapt context in flist.c,delete rsync.1.md -Reference:https://github.com/WayneD/rsync/commit/b7231c7d02cfb65d291af74ff66e7d8c507ee871 ---- - exclude.c | 4 +++- - flist.c | 10 ++++++++++ - main.c | 2 ++ - receiver.c | 11 +++++++---- - 4 files changed, 22 insertions(+), 5 deletions(-) - -diff --git a/exclude.c b/exclude.c -index e095744..ab91999 100644 ---- a/exclude.c -+++ b/exclude.c -@@ -46,6 +46,7 @@ filter_rule_list cvs_filter_list = { .debug_type = " [global CVS]" }; - filter_rule_list daemon_filter_list = { .debug_type = " [daemon]" }; - - int saw_xattr_filter = 0; -+int trust_sender_filter = 0; - - /* Need room enough for ":MODS " prefix plus some room to grow. */ - #define MAX_RULE_PREFIX (16) -@@ -714,7 +715,7 @@ static void report_filter_result(enum logcode code, char const *name, - : name_flags & NAME_IS_DIR ? "directory" - : "file"; - rprintf(code, "[%s] %sing %s %s because of pattern %s%s%s\n", -- w, actions[*w!='s'][!(ent->rflags & FILTRULE_INCLUDE)], -+ w, actions[*w=='g'][!(ent->rflags & FILTRULE_INCLUDE)], - t, name, ent->pattern, - ent->rflags & FILTRULE_DIRECTORY ? 
"/" : "", type); - } -@@ -886,6 +887,7 @@ static filter_rule *parse_rule_tok(const char **rulestr_ptr, - } - switch (ch) { - case ':': -+ trust_sender_filter = 1; - rule->rflags |= FILTRULE_PERDIR_MERGE - | FILTRULE_FINISH_SETUP; - /* FALL THROUGH */ -diff --git a/flist.c b/flist.c -index 5a1e424..5d5c7a2 100644 ---- a/flist.c -+++ b/flist.c -@@ -72,6 +72,7 @@ extern int need_unsorted_flist; - extern int sender_symlink_iconv; - extern int output_needs_newline; - extern int sender_keeps_checksum; -+extern int trust_sender_filter; - extern int unsort_ndx; - extern uid_t our_uid; - extern struct stats stats; -@@ -971,6 +972,15 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x - exit_cleanup(RERR_UNSUPPORTED); - } - -+ if (*thisname != '.' || thisname[1] != '\0') { -+ int filt_flags = S_ISDIR(mode) ? NAME_IS_DIR : NAME_IS_FILE; -+ if (!trust_sender_filter /* a per-dir filter rule means we must trust the sender's filtering */ -+ && filter_list.head && check_filter(&filter_list, FINFO, thisname, filt_flags) < 0) { -+ rprintf(FERROR, "ERROR: rejecting excluded file-list name: %s\n", thisname); -+ exit_cleanup(RERR_PROTOCOL); -+ } -+ } -+ - if (inc_recurse && S_ISDIR(mode)) { - if (one_file_system) { - /* Room to save the dir's device for -x */ -diff --git a/main.c b/main.c -index 46b97b5..c688e6d 100644 ---- a/main.c -+++ b/main.c -@@ -87,6 +87,7 @@ extern BOOL shutting_down; - extern int backup_dir_len; - extern int basis_dir_cnt; - extern int default_af_hint; -+extern int trust_sender_filter; - extern struct stats stats; - extern char *stdout_format; - extern char *logfile_format; -@@ -642,6 +643,7 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in - #ifdef ICONV_CONST - setup_iconv(); - #endif -+ trust_sender_filter = 1; - } else if (local_server) { - /* If the user didn't request --[no-]whole-file, force - * it on, but only if we're not batch processing. 
*/ -diff --git a/receiver.c b/receiver.c -index 9df603f..3182e2d 100644 ---- a/receiver.c -+++ b/receiver.c -@@ -584,10 +584,13 @@ int recv_files(int f_in, int f_out, char *local_name) - if (DEBUG_GTE(RECV, 1)) - rprintf(FINFO, "recv_files(%s)\n", fname); - -- if (daemon_filter_list.head && (*fname != '.' || fname[1] != '\0') -- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) { -- rprintf(FERROR, "attempt to hack rsync failed.\n"); -- exit_cleanup(RERR_PROTOCOL); -+ if (daemon_filter_list.head && (*fname != '.' || fname[1] != '\0')) { -+ int filt_flags = S_ISDIR(file->mode) ? NAME_IS_DIR : NAME_IS_FILE; -+ if (check_filter(&daemon_filter_list, FLOG, fname, filt_flags) < 0) { -+ rprintf(FERROR, "ERROR: rejecting file transfer request for daemon excluded file: %s\n", -+ fname); -+ exit_cleanup(RERR_PROTOCOL); -+ } - } - - #ifdef SUPPORT_XATTRS --- -2.27.0 - diff --git a/backport-CVE-2022-37434.patch b/backport-CVE-2022-37434.patch deleted file mode 100644 index 92ad078..0000000 --- a/backport-CVE-2022-37434.patch +++ /dev/null 
@@ -1,28 +0,0 @@ -From 788f11ea6afeb96f0d84f140192165a1ca12ade4 Mon Sep 17 00:00:00 2001 -From: Wayne Davison -Date: Sun, 7 Aug 2022 09:27:57 -0700 -Subject: [PATCH] Fix zlib bug with a large gzip header extra field - -From zlib commit eff308af425b67093bab25f80f1ae950166bece1. -Fixes CVE-2022-37434. ---- - zlib/inflate.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/zlib/inflate.c b/zlib/inflate.c -index e43abd9e0..d15132eaf 100644 ---- a/zlib/inflate.c -+++ b/zlib/inflate.c -@@ -739,9 +739,10 @@ int flush; - copy = state->length; - if (copy > have) copy = have; - if (copy) { -+ len = state->head->extra_len - state->length; - if (state->head != Z_NULL && -- state->head->extra != Z_NULL) { -- len = state->head->extra_len - state->length; -+ state->head->extra != Z_NULL && -+ len < state->head->extra_max) { - zmemcpy(state->head->extra + len, next, - len + copy > state->head->extra_max ? - state->head->extra_max - len : copy); diff --git a/backport-Work-around-glibc-lchmod-issue-a-better-way.patch b/backport-Work-around-glibc-lchmod-issue-a-better-way.patch deleted file mode 100644 index 68b4941..0000000 --- a/backport-Work-around-glibc-lchmod-issue-a-better-way.patch +++ /dev/null 
@@ -1,65 +0,0 @@ -From 9dd62525f3b98d692e031f22c02be8f775966503 Mon Sep 17 00:00:00 2001 -From: Wayne Davison -Date: Sun, 29 Nov 2020 09:33:54 -0800 -Subject: [PATCH] Work around glibc's lchmod() issue a better way. - ---- - syscall.c | 34 +++++++++++++++++++++------------- - 1 files changed, 21 insertions(+), 13 deletions(-) - -diff --git a/syscall.c b/syscall.c -index b9c3b4e..11d10e4 100644 ---- a/syscall.c -+++ b/syscall.c -@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode) - #ifdef HAVE_CHMOD - int do_chmod(const char *path, mode_t mode) - { -+ static int switch_step = 0; - int code; - if (dry_run) return 0; - RETURN_ERROR_IF_RO_OR_LO; -+ switch (switch_step) { - #ifdef HAVE_LCHMOD -- code = lchmod(path, mode & CHMOD_BITS); --#else -- if (S_ISLNK(mode)) { -+#include "case_N.h" -+ if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP) -+ break; -+ switch_step++; -+#endif -+ -+#include "case_N.h" -+ if (S_ISLNK(mode)) { - # if defined HAVE_SETATTRLIST -- struct attrlist attrList; -- uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */ -+ struct attrlist attrList; -+ uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */ - -- memset(&attrList, 0, sizeof attrList); -- attrList.bitmapcount = ATTR_BIT_MAP_COUNT; -- attrList.commonattr = ATTR_CMN_ACCESSMASK; -- code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW); -+ memset(&attrList, 0, sizeof attrList); -+ attrList.bitmapcount = ATTR_BIT_MAP_COUNT; -+ attrList.commonattr = ATTR_CMN_ACCESSMASK; -+ code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW); - # else -- code = 1; -+ code = 1; - # endif -- } else -- code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ --#endif /* !HAVE_LCHMOD */ -+ } else -+ code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ -+ break; -+ } - if (code != 0 && (preserve_perms || preserve_executability)) - return code; - return 0; --- -1.8.3.1 - 
diff --git a/rsync-3.2.3.tar.gz b/rsync-3.2.3.tar.gz deleted file mode 100644 index a3ecb71..0000000 Binary files a/rsync-3.2.3.tar.gz and /dev/null differ diff --git a/rsync-3.2.5.tar.gz b/rsync-3.2.5.tar.gz new file mode 100644 index 0000000..b732872 Binary files /dev/null and b/rsync-3.2.5.tar.gz differ diff --git a/rsync-patches-3.2.3.tar.gz b/rsync-patches-3.2.3.tar.gz deleted file mode 100644 index 7f5b9f2..0000000 Binary files a/rsync-patches-3.2.3.tar.gz and /dev/null differ diff --git a/rsync.spec b/rsync.spec index bb0cefa..3833365 100644 --- a/rsync.spec +++ b/rsync.spec @@ -1,16 +1,15 @@ Name: rsync -Version: 3.2.3 -Release: 4 +Version: 3.2.5 +Release: 1 Summary: Fast incremental file transfer utility License: GPLv3+ URL: http://rsync.samba.org/ -Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz -Source1: https://download.samba.org/pub/rsync/src/rsync-patches-%{version}.tar.gz -Source2: rsyncd.socket -Source3: rsyncd.service -Source4: rsyncd.conf -Source5: rsyncd.sysconfig -Source6: rsyncd@.service +Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}.tar.gz +Source1: rsyncd.socket +Source2: rsyncd.service +Source3: rsyncd.conf +Source4: rsyncd.sysconfig +Source5: rsyncd@.service BuildRequires: git gcc systemd libacl-devel libattr-devel autoconf popt-devel BuildRequires: lz4-devel openssl-devel libzstd-devel @@ -18,12 +17,6 @@ Provides: bundled(zlib) = 1.2.8 rsync-daemon Obsoletes: rsync-daemon %{?systemd_requires} -Patch1: backport-Work-around-glibc-lchmod-issue-a-better-way.patch -Patch2: backport-CVE-2020-14387-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch -Patch3: backport-CVE-2022-37434.patch -Patch4: backport-A-fix-for-the-zlib-fix.patch -Patch5: backport-CVE-2022-29154.patch - %description Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing 
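Review bot: Dropping `Patch1` through `Patch5` in the `@@ -18,12 +17,6 @@` hunk leaves the spec with no record that the fixes for CVE-2020-14387, CVE-2022-29154 and CVE-2022-37434 are now expected to come from the 3.2.5 tarball, and nothing on this page shows that was checked against the new source. The unchanged `Provides: bundled(zlib) = 1.2.8` line suggests the package still builds rsync's bundled zlib, so the CVE-2022-37434 fix and its follow-up ("A fix for the zlib fix") would depend entirely on upstream's copy of `zlib/inflate.c`. I would add a comment where the Patch lines were, such as `# CVE-2020-14387, CVE-2022-29154, CVE-2022-37434: fixed upstream in %{version}, backports dropped`. Before merging, confirm in the unpacked tree that the guarded `len` computation in `inflate.c`, the file-list filter check in `flist.c` and the `-verify_hostname` argument in `rsync-ssl` are all present.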
@@ -34,9 +27,7 @@ at one of the ends of the link beforehand. %package_help %prep -%autosetup -b 1 -n %{name}-%{version} -p1 - -patch -p1 -i patches/copy-devices.diff +%autosetup -n %{name}-%{version} -p1 %build %configure --disable-xxhash @@ -49,11 +40,11 @@ chmod -x support/* %install %make_install -install -D -m644 %{SOURCE2} %{buildroot}/%{_unitdir}/rsyncd.socket -install -D -m644 %{SOURCE3} %{buildroot}/%{_unitdir}/rsyncd.service -install -D -m644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/rsyncd.conf -install -D -m644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/sysconfig/rsyncd -install -D -m644 %{SOURCE6} %{buildroot}/%{_unitdir}/rsyncd@.service +install -D -m644 %{SOURCE1} %{buildroot}/%{_unitdir}/rsyncd.socket +install -D -m644 %{SOURCE2} %{buildroot}/%{_unitdir}/rsyncd.service +install -D -m644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/rsyncd.conf +install -D -m644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/rsyncd +install -D -m644 %{SOURCE5} %{buildroot}/%{_unitdir}/rsyncd@.service %pre @@ -83,15 +74,13 @@ install -D -m644 %{SOURCE6} %{buildroot}/%{_unitdir}/rsyncd@.service %{_mandir}/man5/rsyncd.conf.5* %changelog -* Fri Aug 26 2022 panxiaohe - 3.2.3-4 -- fix CVE-2022-29154 - -* Thu Aug 18 2022 fuanan - 3.2.3-3 -- Fix CVE-2022-37434 +* Thu Aug 18 2022 fuanan - 3.2.5-1 +- Update version to 3.2.5 +- Fix CVE-2022-29154,CVE-2022-37434 * Fri Jun 18 2021 yangzhuangzhuang - 3.2.3-2 -- Type:CVE -- CVE:CVE-2020-14387 +- Type:bugfix +- ID:NA - SUG:NA - DESC:Fix CVE-2020-14387
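Review bot: The new `%autosetup -n %{name}-%{version} -p1` line in the `%prep` hunk unpacks a tarball that this commit swaps in as an opaque binary, and the spec has no step that checks it against an upstream signature or a recorded digest. Every backported security patch is removed in the same commit, so the integrity of `rsync-3.2.5.tar.gz` is the only thing standing behind those fixes. Consider adding the upstream detached signature as an extra `Source` and verifying it at the top of `%prep`, for example `%{gpgverify} --keyring=<KEYRING_SOURCE> --signature=<SIG_SOURCE> --data=%{SOURCE0}` where that macro is available in the build environment, or a `sha256sum -c` against a digest file kept in the repo. The same hunk also drops `patch -p1 -i patches/copy-devices.diff`; presumably `--copy-devices` is now provided upstream, but the new changelog entry does not say so and users of that option would want it noted.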