Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/1] package/rsync: bump version to 3.2.5
@ 2022-08-15  4:06 Yair Ben-Avraham via buildroot
  2022-08-15  9:50 ` Thomas Petazzoni via buildroot
  0 siblings, 1 reply; 2+ messages in thread
From: Yair Ben-Avraham via buildroot @ 2022-08-15  4:06 UTC (permalink / raw)
  To: buildroot@buildroot.org

Fix https://nvd.nist.gov/vuln/detail/CVE-2022-29154

Remove 0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch, applied to master:
https://github.com/WayneD/rsync/commit/c3f7414c450faaf6a8281cc4a4403529aeb7d859

remove 0002-Handle-linking-with-a-zlib-with-external-read_buf.patch b/package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch, applied to naster:
https://github.com/WayneD/rsync/commit/60dd42be603a79cd57cec076fe1680e9037be774

Signed-off-by: Yair Ben-Avraham <yairba@protonmail.com>
---
 ...n-the-certificate-when-using-openssl.patch | 29 -------------------
 ...g-with-a-zlib-with-external-read_buf.patch | 27 -----------------
 package/rsync/rsync.hash                      |  6 ++--
 package/rsync/rsync.mk                        |  2 +-
 4 files changed, 4 insertions(+), 60 deletions(-)
 delete mode 100644 package/rsync/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch
 delete mode 100644 package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch

diff --git a/package/rsync/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch b/package/rsync/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch
deleted file mode 100644
index 13edeff944..0000000000
--- a/package/rsync/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From c3f7414c450faaf6a8281cc4a4403529aeb7d859 Mon Sep 17 00:00:00 2001
-From: Matt McCutchen <matt@mattmccutchen.net>
-Date: Wed, 26 Aug 2020 12:16:08 -0400
-Subject: [PATCH] rsync-ssl: Verify the hostname in the certificate when using
- openssl.
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Retrieved from:
-https://git.samba.org/?p=rsync.git;a=commitdiff;h=c3f7414c450faaf6a8281cc4a4403529aeb7d859]
----
- rsync-ssl | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/rsync-ssl b/rsync-ssl
-index 8101975a..46701af1 100755
---- a/rsync-ssl
-+++ b/rsync-ssl
-@@ -129,7 +129,7 @@ function rsync_ssl_helper {
-     fi
- 
-     if [[ $RSYNC_SSL_TYPE == openssl ]]; then
--	exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port
-+	exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port
-     elif [[ $RSYNC_SSL_TYPE == gnutls ]]; then
- 	exec $RSYNC_SSL_GNUTLS --logfile=/dev/null $gnutls_cert_opt $gnutls_opts $hostname:$port
-     else
--- 
-2.25.1
-
diff --git a/package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch b/package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch
deleted file mode 100644
index 0af090732c..0000000000
--- a/package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 60dd42be603a79cd57cec076fe1680e9037be774 Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayne@opencoder.net>
-Date: Mon, 11 Apr 2022 08:29:54 -0700
-Subject: [PATCH] Handle linking with a zlib with external read_buf.
-
-[Retrieved from:
-https://github.com/WayneD/rsync/commit/60dd42be603a79cd57cec076fe1680e9037be774]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- rsync.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/rsync.h b/rsync.h
-index 4b30570b..e5aacd25 100644
---- a/rsync.h
-+++ b/rsync.h
-@@ -1172,6 +1172,10 @@ struct name_num_obj {
- 	struct name_num_item list[10]; /* we'll get a compile error/warning if this is ever too small */
- };
- 
-+#ifdef EXTERNAL_ZLIB
-+#define read_buf read_buf_
-+#endif
-+
- #ifndef __cplusplus
- #include "proto.h"
- #endif
diff --git a/package/rsync/rsync.hash b/package/rsync/rsync.hash
index 92f6156ba8..f0ba4d321d 100644
--- a/package/rsync/rsync.hash
+++ b/package/rsync/rsync.hash
@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-# https://download.samba.org/pub/rsync/src/rsync-3.2.3.tar.gz.asc
-sha256  becc3c504ceea499f4167a260040ccf4d9f2ef9499ad5683c179a697146ce50e  rsync-3.2.3.tar.gz
+# https://download.samba.org/pub/rsync/src/rsync-3.2.5.tar.gz.asc
+sha256  2ac4d21635cdf791867bc377c35ca6dda7f50d919a58be45057fd51600c69aba  rsync-3.2.5.tar.gz
 # Locally calculated
-sha256  0d33aa97d302cb9df27f99dfa28d58001c2479a02317956f1a7a890f3937a976  COPYING
+sha256  85c19ea50a224c2d0067a69c083584e5717b40b76610ec1218f91385775067dd  COPYING
diff --git a/package/rsync/rsync.mk b/package/rsync/rsync.mk
index 5b51ca1df7..d2c772a75a 100644
--- a/package/rsync/rsync.mk
+++ b/package/rsync/rsync.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-RSYNC_VERSION = 3.2.3
+RSYNC_VERSION = 3.2.5
 RSYNC_SITE = http://rsync.samba.org/ftp/rsync/src
 RSYNC_LICENSE = GPL-3.0+ with exceptions
 RSYNC_LICENSE_FILES = COPYING
-- 
2.30.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/rsync: bump version to 3.2.5
  2022-08-15  4:06 [Buildroot] [PATCH 1/1] package/rsync: bump version to 3.2.5 Yair Ben-Avraham via buildroot
@ 2022-08-15  9:50 ` Thomas Petazzoni via buildroot
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni via buildroot @ 2022-08-15  9:50 UTC (permalink / raw)
  To: Yair Ben-Avraham via buildroot; +Cc: Yair Ben-Avraham

On Mon, 15 Aug 2022 04:06:02 +0000
Yair Ben-Avraham via buildroot <buildroot@buildroot.org> wrote:

> Fix https://nvd.nist.gov/vuln/detail/CVE-2022-29154
> 
> Remove 0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch, applied to master:
> https://github.com/WayneD/rsync/commit/c3f7414c450faaf6a8281cc4a4403529aeb7d859
> 
> remove 0002-Handle-linking-with-a-zlib-with-external-read_buf.patch b/package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch, applied to naster:
> https://github.com/WayneD/rsync/commit/60dd42be603a79cd57cec076fe1680e9037be774
> 
> Signed-off-by: Yair Ben-Avraham <yairba@protonmail.com>
> ---
>  ...n-the-certificate-when-using-openssl.patch | 29 -------------------
>  ...g-with-a-zlib-with-external-read_buf.patch | 27 -----------------
>  package/rsync/rsync.hash                      |  6 ++--
>  package/rsync/rsync.mk                        |  2 +-
>  4 files changed, 4 insertions(+), 60 deletions(-)
>  delete mode 100644 package/rsync/0001-rsync-ssl-Verify-the-hostname-in-the-certificate-when-using-openssl.patch
>  delete mode 100644 package/rsync/0002-Handle-linking-with-a-zlib-with-external-read_buf.patch

Applied to next, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-15  9:51 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-08-15  4:06 [Buildroot] [PATCH 1/1] package/rsync: bump version to 3.2.5 Yair Ben-Avraham via buildroot
2022-08-15  9:50 ` Thomas Petazzoni via buildroot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox