new release 3.4.0 - critical security release
rsync.project
rsync.project at gmail.com
Tue Jan 14 19:49:04 UTC 2025
We have just released version 3.4.0 of rsync. This release fixes 6 security
vulnerabilities found by two groups of security researchers.
You can find the new release links here:
- https://rsync.samba.org/
- https://download.samba.org/pub/rsync/src/
For details on the vulnerabilities please see this CERT advisory:
https://kb.cert.org/vuls/id/952657
The various distros should be doing security releases today
Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at Google
Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for discovering
these vulnerabilities and working with the rsync project to develop and
test fixes.
Also many thanks to Wayne Davison for assisting with the release process as
this is the first release I've done since 2002 when Wayne took over as the
rsync maintainer.
Andrew Tridgell
rsync maintainer (again!)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/rsync/attachments/20250115/6b953bcd/attachment.htm>
More information about the rsync
mailing list