projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 344c5a2)
rsync: security bump to version 3.1.2
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Tue, 22 Dec 2015 10:46:11 +0000 (07:46 -0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tue, 22 Dec 2015 15:35:15 +0000 (16:35 +0100)
Fixes:
Make sure that all transferred files use only path names from inside the
transfer.  This makes it impossible for a malicious sender to try to
make the receiver use an unsafe destination path for a transferred file,
such as a just-sent symlink.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/rsync/rsync.hash patch | blob | history
package/rsync/rsync.mk patch | blob | history

diff --git a/package/rsync/rsync.hash b/package/rsync/rsync.hash
index 032047d6556e69bffb6b990bb6d500d019ee7c2c..6311116141e8527dfde233171654152623832b58 100644 (file)
--- a/package/rsync/rsync.hash
+++ b/package/rsync/rsync.hash
@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256 7de4364fcf5fe42f3bdb514417f1c40d10bbca896abe7e7f2c581c6ea08a2621        rsync-3.1.1.tar.gz
+sha256 ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2        rsync-3.1.2.tar.gz
diff --git a/package/rsync/rsync.mk b/package/rsync/rsync.mk
index f3263894c0152f9bbdce64e7bc8a6ea12dc84ba2..e1e850c440fa3e62f123bc0e765bb089efabf950 100644 (file)
--- a/package/rsync/rsync.mk
+++ b/package/rsync/rsync.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-RSYNC_VERSION = 3.1.1
+RSYNC_VERSION = 3.1.2
 RSYNC_SITE = http://rsync.samba.org/ftp/rsync/src
 RSYNC_LICENSE = GPLv3+
 RSYNC_LICENSE_FILES = COPYING