From nobody Fri Jan 17 15:13:45 2025 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YZNYB5HJ1z5l5nn for ; Fri, 17 Jan 2025 15:13:50 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx1.riseup.net", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YZNY96tQpz41Yg for ; Fri, 17 Jan 2025 15:13:49 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=riseup.net header.s=squak header.b=Q+RdprbQ; spf=pass (mx1.freebsd.org: domain of ralf-mardorf@riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=ralf-mardorf@riseup.net; dmarc=pass (policy=none) header.from=riseup.net Received: from fews01-sea.riseup.net (fews01-sea-pn.riseup.net [10.0.1.109]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx1.riseup.net (Postfix) with ESMTPS id 4YZNY86XjGzDqML for ; Fri, 17 Jan 2025 15:13:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1737126828; bh=fbjaiDbA1HWwvBvaW5TTXH1RxhKZ9fX1BrxSIssBJjM=; h=Subject:From:To:Date:In-Reply-To:References:From; b=Q+RdprbQ9jxvGoYYS22Ay84FvgX2dxIEdZhTKuwoGohEQ2ZTrsv6RtZMlLcVpfwzt 5kV7L0F6O0y0MdJ1e9r3yg54256gZb+jxvhJnKbucNd1Wi1XzZLA4magqL+Dt9gFfw Td2vC+UmtDXuzx1cdsUZjHj06Y3uV/96/NDGgqas= X-Riseup-User-ID: 3B5D138B7E949BA67E5334DE9D9A89FAA94D980D4E1285499C622BD6058AE88C Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews01-sea.riseup.net (Postfix) with ESMTPSA id 4YZNY825mrzJn35 for ; Fri, 17 Jan 2025 15:13:48 +0000 (UTC) Message-ID: <398c151770891c5b4d51e32a586dcd255303d47a.camel@riseup.net> Subject: Re: Serious rsync security issues From: Ralf Mardorf To: questions@freebsd.org Date: Fri, 17 Jan 2025 16:13:45 +0100 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 X-Spamd-Result: default: False [-6.20 / 15.00]; DWL_DNSWL_LOW(-1.00)[riseup.net:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; RBL_SENDERSCORE_REPUT_9(-1.00)[198.252.153.129:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; R_DKIM_ALLOW(-0.20)[riseup.net:s=squak]; R_SPF_ALLOW(-0.20)[+a:mx1.riseup.net]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[198.252.153.129:from]; RCVD_IN_DNSWL_LOW(-0.10)[198.252.153.129:from]; DKIM_TRACE(0.00)[riseup.net:+]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_ALL(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RECEIVED_HELO_LOCALHOST(0.00)[]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; MISSING_XM_UA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; MIME_TRACE(0.00)[0:+] X-Spamd-Bar: ------ X-Rspamd-Queue-Id: 4YZNY96tQpz41Yg On Fri, 2025-01-17 at 09:54 -0500, Vincent Miller wrote: > Up to version 3.4.0? Regarding the Arch Linux Announce Mailing List < 3.4.0, but >=3D 3.4.0 is not affected [1]. [1] -------- Forwarded Message -------- From: Arch Linux: Recent news updates: Robin Candau To: arch-announce@lists.archlinux.org Subject: [arch-announce] Critical rsync security release 3.4.0 Date: 01/16/2025 04:33:43 PM [snip] We highly advise anyone who runs an rsync daemon or client prior to version `3.4.0-1` to upgrade and reboot their systems immediately. [snip]