Openembedded Core Discussions
 help / color / mirror / Atom feed
From: "Yoann Congal" <yoann.congal@smile.fr>
To: "Yoann Congal" <yoann.congal@smile.fr>, <asparmar@cisco.com>,
	<openembedded-core@lists.openembedded.org>
Cc: <xe-linux-external@cisco.com>
Subject: Re: [OE-core][scarthgap][PATCH 1/6] rsync: Fix CVE-2026-29518
Date: Mon, 06 Jul 2026 19:19:02 +0200	[thread overview]
Message-ID: <DJRNRSGCJSS1.3IN9OYGAAPQRV@smile.fr> (raw)
In-Reply-To: <DJFJLZY26OV8.76VQNOV5VDTV@smile.fr>

On Mon Jun 22, 2026 at 1:31 PM CEST, Yoann Congal wrote:
> On Fri Jun 12, 2026 at 2:13 PM CEST, Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco) via lists.openembedded.org wrote:
>> From: Ashishkumar Parmar <asparmar@cisco.com>
>>
>> Pick the upstream backport [1] for CVE-2026-29518 as mentioned in [3],
>> where a non-chrooted rsync daemon could be exposed to a parent path
>> TOCTOU race that allowed file access outside the module.
>>
>> Also include the dependent upstream fix that followed the CVE fix:
>> - CVE-2026-29518_p2.patch [2] secures sender read-path opens by
>>   opening files from the module root, closing the same race on the
>>   read side.
>>
>> [1] https://github.com/RsyncProject/rsync/commit/1a5ad81add1004354a3d8ba841b94ffe19cd2505
>> [2] https://github.com/RsyncProject/rsync/commit/99b36291d06ca66229942c7a525a1f5566f10c85
>> [3] https://www.cve.org/CVERecord?id=CVE-2026-29518
>>
>> Signed-off-by: Ashishkumar Parmar <asparmar@cisco.com>
>> ---
>
> Hello,
>
> It looks like this whole series is needed for wrynose (rsync 3.4.1).
> Can you send fixes there first, and, then, ping here?

Hello Ashishkumar,

Gentle ping for this patch series. Do you plan to send the needed
wrynose series?

Regards,

>
> Thanks!
>
>>  .../rsync/files/CVE-2026-29518_p1.patch       | 330 ++++++++++++++++++
>>  .../rsync/files/CVE-2026-29518_p2.patch       |  73 ++++
>>  meta/recipes-devtools/rsync/rsync_3.2.7.bb    |   2 +
>>  3 files changed, 405 insertions(+)
>>  create mode 100644 meta/recipes-devtools/rsync/files/CVE-2026-29518_p1.patch
>>  create mode 100644 meta/recipes-devtools/rsync/files/CVE-2026-29518_p2.patch

-- 
Yoann Congal
Smile ECS



  reply	other threads:[~2026-07-06 17:19 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-12 12:13 [OE-core][scarthgap][PATCH 1/6] rsync: Fix CVE-2026-29518 Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-06-12 12:13 ` [OE-core][scarthgap][PATCH 2/6] rsync: Fix CVE-2026-43619 Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-06-12 12:13 ` [OE-core][scarthgap][PATCH 3/6] rsync: Fix CVE-2026-43618 Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-06-12 12:13 ` [OE-core][scarthgap][PATCH 4/6] rsync: Fix CVE-2026-43620 Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-06-12 12:13 ` [OE-core][scarthgap][PATCH 5/6] rsync: Fix CVE-2026-43617 Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-06-12 12:13 ` [OE-core][scarthgap][PATCH 6/6] rsync: Fix CVE-2026-45232 Ashishkumar Parmar X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)
2026-06-22 11:31 ` [OE-core][scarthgap][PATCH 1/6] rsync: Fix CVE-2026-29518 Yoann Congal
2026-07-06 17:19   ` Yoann Congal [this message]
2026-07-07  9:52     ` Ashishkumar Parmar -X (asparmar - E INFOCHIPS PRIVATE LIMITED at Cisco)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=DJRNRSGCJSS1.3IN9OYGAAPQRV@smile.fr \
    --to=yoann.congal@smile.fr \
    --cc=asparmar@cisco.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=xe-linux-external@cisco.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox