-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 18 Dec 2024 17:11:25 +0100
Source: rsync
Architecture: source
Version: 3.2.7-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Paul Slootman <paul@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 rsync (3.2.7-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Some checksum buffer fixes. (CVE-2024-12084)
   * Another cast when multiplying integers. (CVE-2024-12084)
   * prevent information leak off the stack (CVE-2024-12085)
   * refuse fuzzy options when fuzzy not selected (CVE-2024-12086)
   * added secure_relative_open() (CVE-2024-12086)
   * receiver: use secure_relative_open() for basis file (CVE-2024-12086)
   * disallow ../ elements in relpath for secure_relative_open (CVE-2024-12086)
   * Refuse a duplicate dirlist. (CVE-2024-12087)
   * range check dir_ndx before use (CVE-2024-12087)
   * make --safe-links stricter (CVE-2024-12088)
   * fixed symlink race condition in sender (CVE-2024-12747)
   * raise protocol version to 32
Checksums-Sha1:
 7051b58d340034be5a808b72d36c4d81e48d2dae 2476 rsync_3.2.7-1+deb12u1.dsc
 0729ee0cd5e7e609510583ce4768a6170a7a9de7 1149787 rsync_3.2.7.orig.tar.gz
 86d55b75f7529d20965e5482770d2d5414022745 195 rsync_3.2.7.orig.tar.gz.asc
 d7285b57a6d7e4c2818cd7ca26fc2a3350a19633 35140 rsync_3.2.7-1+deb12u1.debian.tar.xz
 a05e09d533db998eb641fe42165e9be2004ef603 7110 rsync_3.2.7-1+deb12u1_source.buildinfo
Checksums-Sha256:
 899d7765e127ccf712ba71d45f750162bd15ac97ba3bd39180487ebabed39ce6 2476 rsync_3.2.7-1+deb12u1.dsc
 4e7d9d3f6ed10878c58c5fb724a67dacf4b6aac7340b13e488fb2dc41346f2bb 1149787 rsync_3.2.7.orig.tar.gz
 8e054b8e852f371fbcb757de51f1a07de5621ae959ea766d3c3e5439d7b5f4ae 195 rsync_3.2.7.orig.tar.gz.asc
 cdbfcddc0e9f3193f2996a58f43162147cbc9b6597899c09213ba55ee5efb503 35140 rsync_3.2.7-1+deb12u1.debian.tar.xz
 d20f98fd9c0a3da4a5f347ca6007fccaefefe3e3d31b8206c34e277421e01928 7110 rsync_3.2.7-1+deb12u1_source.buildinfo
Files:
 0581e61ba6d5a3cac3289bcbb64618d8 2476 net optional rsync_3.2.7-1+deb12u1.dsc
 f216f350ef56b9ba61bc313cb6ec2ed6 1149787 net optional rsync_3.2.7.orig.tar.gz
 e133a77fbb1dca548863a7f0543b8087 195 net optional rsync_3.2.7.orig.tar.gz.asc
 ca88e4e7d9b9e41324fdb79e48c12bb1 35140 net optional rsync_3.2.7-1+deb12u1.debian.tar.xz
 baae17669302d5a4b1fb269a4b228ddc 7110 net optional rsync_3.2.7-1+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdi/uBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E9D0P/j+jUBhQ8rP9CPv7TODuN+upaXBEadnU
yygtJ7bLx6wzyCcaRy6QvgLxc3Z/s4NBzHLsBLvimjO5zVwUhOxgd4erg/e5NWTv
Q8nmo2EkNpcp9vd7ocvuYvWw1KAwYpIVMH/kaNBaOMZwezaOpEG/efFYBinegKff
+Ms7f+Omnz6qQUgRuxMuA3FsXN0J8XplR6XHW26vl97XNEjA3b+CfNpZM8pD0Dsq
S8HcHt2O9nCFHJMSKPl1Xvu0sPpHjN8rhM7xhlfvAG9lpKfsFf9c0+In2qgPAoCu
uwvW4/bkQjNm5lwpNOzi98gooKI8sjCpeKIix0WxpXwmYEncMQoDzsHLgvXzNRuk
kKdbn4zmIFQB1lNU8BgM22v6Xa6gJ440Pbpy+SQcu5GMo2S+P8U1WRAyblCm7FfH
KR55oD9odtUJpj+jZ0oJlEaALYMU2CARVDMZBGjNMQVHyKoc+S1X5saxN/pGXqWr
9h1uKvdf+L1GtT9R08lY2GmVkBKszvln9+xSYM9obHUPWVXI+6SHPiFgNGD7rNtQ
sNedRL/izA2eI/lKjD1M72mw1D3nDby6oY0q1BB4YiS/EC9xNe/QsPM3cm38LJsq
6zKEW7pHd9qAjkRMO4DWfFJeHg7oZ+uUPSbWyk3pIIklWDvNktTnBj/w508HQtWB
1jgbh9CYQRCO
=TKh/
-----END PGP SIGNATURE-----