UbuntuUpdates.org

Package "rsync"

Name: rsync

Description: fast, versatile, remote (and local) file-copying tool

Latest version: 3.4.1+ds1-7ubuntu0.2
Release: resolute (26.04)
Level: security
Repository: main
Homepage: https://rsync.samba.org/

Other versions of "rsync" in Resolute

Repository Area Version
base main 3.4.1+ds1-7
updates main 3.4.1+ds1-7ubuntu0.2

Changelog

Version: 3.4.1+ds1-7ubuntu0.2 2026-05-20 14:07:38 UTC

  rsync (3.4.1+ds1-7ubuntu0.2) resolute-security; urgency=medium

  * SECURITY UPDATE: May 2026 security issues
    - debian/patches/security-202605/*.patch: commits to backport security
      fixes to 3.4.1.
    - d/p/CVE-2025-10158.patch: removed, included in patch cluster.
    - d/p/gcc_15.patch: removed, included in patch cluster.
    - d/p/fix-flaky-hardlinks-test.patch: removed, included in patch
      cluster.
    - CVE-2026-29518
    - CVE-2026-41035
    - CVE-2026-43617
    - CVE-2026-43618
    - CVE-2026-43619
    - CVE-2026-43620
    - CVE-2026-45232

 -- Marc Deslauriers <email address hidden> Thu, 14 May 2026 10:54:05 +0200

CVE-2025-10158 A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array in
CVE-2026-41035 In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim
CVE-2026-43617 Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when
CVE-2026-43618 Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked
CVE-2026-43619 Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unli
CVE-2026-43620 Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rs
CVE-2026-45232 Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c th


