Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Deepin Integration]~[V23-Beta3] feat: update rsync to 3.3.0+ds1-3 by UTsweetyfish@deepin-community/rsync by deepin-community-ci-bot[bot] #11166

Closed
deepin-bot bot opened this issue Jan 14, 2025 · 5 comments
Closed

[Deepin Integration]~[V23-Beta3] feat: update rsync to 3.3.0+ds1-3 by UTsweetyfish@deepin-community/rsync by deepin-community-ci-bot[bot] #11166

deepin-bot bot opened this issue Jan 14, 2025 · 5 comments
Assignees
@Zeno-sole
Labels
Project:integrated 集成管理相关 security 许琪 许琪
Milestone
V23-Beta3

Comments

@deepin-bot
Copy link

deepin-bot bot commented Jan 14, 2025

Package information | 软件包信息

包名 版本
rsync 3.3.0+ds1-3

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-2461/testing/ ./

Changelog | 更新信息

rsync (3.3.0+ds1-3) unstable; urgency=critical

  • Import upstream patches for CVE-2024-12084, CVE-2024-12085,
    CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747
    • d/p/rsync-upstream-CVE-patches-v3/CVE-2024-12084
      ~ 0001-Some-checksum-buffer-fixes.patch
      ~ 0002-Another-cast-when-multiplying-integers.patch
    • d/p/rsync-upstream-CVE-patches-v3/CVE-2024-12085
      ~ 0001-prevent-information-leak-off-the-stack.patch
    • d/p/rsync-upstream-CVE-patches-v3/CVE-2024-12086
      ~ 0001-refuse-fuzzy-options-when-fuzzy-not-selected.patch
      ~ 0002-added-secure_relative_open.patch
      ~ 0003-receiver-use-secure_relative_open-for-basis-file.patch
      ~ 0004-disallow-.-elements-in-relpath-for-secure_relative_o.patch
    • d/p/rsync-upstream-CVE-patches-v3/CVE-2024-12087
      ~ 0001-Refuse-a-duplicate-dirlist.patch
      ~ 0002-range-check-dir_ndx-before-use.patch
    • d/p/rsync-upstream-CVE-patches-v3/CVE-2024-12088
      ~ 0001-make-safe-links-stricter.patch
    • d/p/rsync-upstream-CVE-patches-v3/CVE-2024-12747
      ~ 0001-fixed-symlink-race-condition-in-sender.patch
    • d/p/rsync-upstream-CVE-patches-v3/version_update
      ~ 0001-raise-protocol-version-to-32.patch
      ~ 0002-change-version-to-3.4.0.patch
      ~ 0003-update-NEWS-for-3.4.0.patch
@deepin-bot deepin-bot bot added the Project:integrated 集成管理相关 label Jan 14, 2025
@deepin-bot deepin-bot bot added this to the V23-Beta3 milestone Jan 14, 2025
@deepin-bot deepin-bot bot moved this to In progress in v23-集成管理 Jan 14, 2025
@deepin-bot
Copy link
Author

deepin-bot bot commented Jan 14, 2025

Integration Test Info

Test suggestion | 测试建议

Influence | 影响范围

ADDITIONAL INFORMATION | 额外补充

@github-actions github-actions bot mentioned this issue Jan 14, 2025
Open
@deepin-bot
Copy link
Author

deepin-bot bot commented Jan 14, 2025

IntegrationProjector Notify the author
@UTsweetyfish: Integrated issue updated

@deepin-bot
Copy link
Author

deepin-bot bot commented Jan 14, 2025

IntegrationProjector Bot
Deepin Testing Integration Project Manager Info
Link to deepin-community/Repository-Integration#2461

@xuqi27837288 xuqi27837288 added the 许琪 许琪 label Jan 15, 2025
@xuqi27837288 xuqi27837288 moved this from In progress to 测试通过 in v23-集成管理 Jan 15, 2025
@xuqi27837288
Copy link

【验证环境】:v23 Release镜像
镜像:https://packagesupdate.uniontech.com/repo/uos-professional/image-beige/CUSTOM/lichenggang/20240814+1220内测环境
内核:Linux test-PC 6.9.6-amd64-desktop-hwe
【验证结果】:集成测试通过,暂未发现严重问题,系统使用正常

@Zeno-sole Zeno-sole moved this from 测试通过 to 已推送 in v23-集成管理 Jan 15, 2025
@linuxdeepin linuxdeepin deleted a comment from billchenchina Jan 15, 2025
@UTsweetyfish
Copy link
Member

deepin-community/sig-deepin-security#36

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Zeno-sole Zeno-sole

Labels
Project:integrated 集成管理相关 security 许琪 许琪
Projects
v23-集成管理
Status: 已推送
Milestone
V23-Beta3
Development

No branches or pull requests
4 participants
@Zeno-sole @xuqi27837288 @hudeng-go @UTsweetyfish