Date: Wed, 15 Jan 2025 07:50:51 -0800 From: Cy Schubert <Cy.Schubert@cschubert.com> To: Cy Schubert <Cy.Schubert@cschubert.com> Cc: Rodrigo Osorio <rodrigo@FreeBSD.org>, ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: Re: git: 0076d20a9671 - 2025Q1 - net/rsync: update to 3.4.0 Message-ID: <20250115155051.5517D22F@slippy.cwsent.com> In-Reply-To: <20250115153146.221C01B6@slippy.cwsent.com> References: <202501150008.50F08gFm067796@gitrepo.freebsd.org> <20250115044157.4FB92114@slippy.cwsent.com> <20250115044542.02F9C2F@slippy.cwsent.com> <20250115052757.0111628C@slippy.cwsent.com> <20250115153146.221C01B6@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20250115153146.221C01B6@slippy.cwsent.com>, Cy Schubert writes: > In message <20250115052757.0111628C@slippy.cwsent.com>, Cy Schubert writes: > > In message <20250115044542.02F9C2F@slippy.cwsent.com>, Cy Schubert writes: > > > In message <20250115044157.4FB92114@slippy.cwsent.com>, Cy Schubert write > s: > > > > In message <202501150008.50F08gFm067796@gitrepo.freebsd.org>, Rodrigo > > > > Osorio wr > > > > ites: > > > > > The branch 2025Q1 has been updated by rodrigo: > > > > > > > > > > URL: https://cgit.FreeBSD.org/ports/commit/?id=0076d20a96718a28f956cb > 35 > > 89 > > > f1 > > > > 03 > > > > > 6e48a75f04 > > > > > > > > > > commit 0076d20a96718a28f956cb3589f1036e48a75f04 > > > > > Author: Rodrigo Osorio <rodrigo@FreeBSD.org> > > > > > AuthorDate: 2025-01-14 23:21:25 +0000 > > > > > Commit: Rodrigo Osorio <rodrigo@FreeBSD.org> > > > > > CommitDate: 2025-01-14 23:58:53 +0000 > > > > > > > > > > net/rsync: update to 3.4.0 > > > > > > > > > > Full changelog: https://download.samba.org/pub/rsync/NEWS#3.4.0 > > > > > > > > > > Security: CVE-2024-12084 - Heap Buffer Overflow in Checksum > P > > ar > > > si > > > > ng > > > > > Security: CVE-2024-12085 - Info Leak via uninitialized Stac > k > > co > > > nt > > > > en > > > > > ts defeats ASLR > > > > > Security: CVE-2024-12086 - Server leaks arbitrary client fi > le > > s > > > > > Security: CVE-2024-12087 - Server can make client write fil > es > > o > > > ut > > > > si > > > > > de of destination directory using symbolic links > > > > > Security: CVE-2024-12088 - --safe-links Bypass > > > > > Security: CVE-2024-12747 - symlink race condition > > > > > > > > > > PR: 284064 > > > > > Reported by: osa > > > > > > > > > > (cherry picked from commit 6afdd4c669193f2041216071d5723e474ae041 > bf > > ) > > > > > --- > > > > > net/rsync/Makefile | 4 ++-- > > > > > net/rsync/distinfo | 10 +++++----- > > > > > net/rsync/pkg-plist | 2 +- > > > > > 3 files changed, 8 insertions(+), 8 deletions(-) > > > > > > > > > > diff --git a/net/rsync/Makefile b/net/rsync/Makefile > > > > > index 4fefdced0380..996d4edd997e 100644 > > > > > --- a/net/rsync/Makefile > > > > > +++ b/net/rsync/Makefile > > > > > @@ -1,5 +1,5 @@ > > > > > PORTNAME= rsync > > > > > -DISTVERSION= 3.3.0 > > > > > +DISTVERSION= 3.4.0 > > > > > CATEGORIES= net > > > > > MASTER_SITES= https://www.mirrorservice.org/sites/rsync.samba > .org/src > > > > > / \ > > > > > http://rsync.mirror.garr.it/src/ \ > > > > > @@ -100,10 +100,10 @@ post-install: > > > > > @${MKDIR} ${STAGEDIR}${ETCDIR} > > > > > ${INSTALL_DATA} ${FILESDIR}/rsyncd.conf.sample ${STAGEDIR}${ETC > > DIR}/ > > > > > ${INSTALL_SCRIPT} ${WRKSRC}/support/rrsync ${STAGEDIR}${PREFIX} > > /sbin > > > > > - ${INSTALL_MAN} ${WRKSRC}/rrsync.1 ${STAGEDIR}${PREFIX}/share/ma > > n/man1/ > > > > > > > > > > post-install-DOCS-on: > > > > > @${MKDIR} ${STAGEDIR}${DOCSDIR} > > > > > ${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDI > > R} > > > > > + ${INSTALL_DATA} ${WRKSRC}/support/rrsync.1.md ${STAGEDIR}${DOCS > > DIR} > > > > > > > > > > .include <bsd.port.post.mk> > > > > > diff --git a/net/rsync/distinfo b/net/rsync/distinfo > > > > > index 2e28240fb164..afe59a503dff 100644 > > > > > --- a/net/rsync/distinfo > > > > > +++ b/net/rsync/distinfo > > > > > @@ -1,5 +1,5 @@ > > > > > -TIMESTAMP = 1712443181 > > > > > -SHA256 (rsync-3.3.0.tar.gz) = 7399e9a6708c32d678a72a63219e96f23be0be > 23 > > 36 > > > e5 > > > > 0f > > > > > d1348498d07041df90 > > > > > -SIZE (rsync-3.3.0.tar.gz) = 1153969 > > > > > -SHA256 (rsync-patches-3.3.0.tar.gz) = 3dd51cd88d25133681106f68622ebe > db > > f1 > > > 91 > > > > ab > > > > > 25a21ea336ba409136591864b0 > > > > > -SIZE (rsync-patches-3.3.0.tar.gz) = 98487 > > > > > +TIMESTAMP = 1736887703 > > > > > +SHA256 (rsync-3.4.0.tar.gz) = 8e942f95a44226a012fe822faffa6c7fc38c34 > 04 > > 7a > > > dd > > > > 3a > > > > > 0c941e9bc8b8b93aa4 > > > > > +SIZE (rsync-3.4.0.tar.gz) = 1167983 > > > > > +SHA256 (rsync-patches-3.4.0.tar.gz) = 51533dc5b9b4293d3499b673df185c > 93 > > 48 > > > 4f > > > > 3e > > > > > 6fcf2de52f9bf1f07fa3d7cbc1 > > > > > +SIZE (rsync-patches-3.4.0.tar.gz) = 103831 > > > > > diff --git a/net/rsync/pkg-plist b/net/rsync/pkg-plist > > > > > index c0f2998051d5..6614a2d1b5a3 100644 > > > > > --- a/net/rsync/pkg-plist > > > > > +++ b/net/rsync/pkg-plist > > > > > @@ -1,8 +1,8 @@ > > > > > bin/rsync > > > > > bin/rsync-ssl > > > > > sbin/rrsync > > > > > -share/man/man1/rrsync.1.gz > > > > > share/man/man1/rsync.1.gz > > > > > share/man/man1/rsync-ssl.1.gz > > > > > share/man/man5/rsyncd.conf.5.gz > > > > > +%%PORTDOCS%%%%DOCSDIR%%/rrsync.1.md > > > > > @sample %%ETCDIR%%/rsyncd.conf.sample > > > > > > > > > > > > > rsync appears to be broken. > > > > > > > > slippy# rsync -aHW --delete git-doc cwsys:`pwd` > > > > ABORTING due to invalid path from sender: git-doc/website/shared > > > > rsync error: requested action not supported (code 4) at flist.c(2693) > > > > [generator=3.4.0] > > > > slippy# > > > > > > > > Seems it can't handle symlinks anymore. > > > > > > > > > > > > -- > > > > Cheers, > > > > Cy Schubert <Cy.Schubert@cschubert.com> > > > > FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org > > > > NTP: <cy@nwtime.org> Web: https://nwtime.org > > > > > > > > e^(i*pi)+1=0 > > > > > > > > > > > > > > > > > > Another error: > > > > > > slippy# rsync -aHW --delete git-src cwsys:`pwd` > > > Internal hashtable error: illegal key supplied! > > > rsync error: errors with program diagnostics (code 13) at hashtable.c(88) > > > > [generator=3.4.0] > > > slippy# > > > > It's the -H (preserve hard links) flag that's causing the issue. Without > > the -H flag rsync will behave live cp -r, creating a new file for each > > symlink rather than linking them. Certainly an issue upstream will need to > > resolve. > > I reported this upstream (https://github.com/RsyncProject/rsync/issues/702). > They have a pull request. The bug is related to another. I expect this to > be fixed shortly, probably resulting in a new point release. Here is a patch based on the pull request. It does fix the problem. >From 57184562019441b1c9246d1da04684e3ed9e8baf Mon Sep 17 00:00:00 2001 From: Cy Schubert <cy@FreeBSD.org> Date: Wed, 15 Jan 2025 07:46:31 -0800 Subject: [PATCH] net/rsync: Fix FLAG_GOT_DIR_FLIST collission with FLAG_HLINKED Obtained from: https://github.com/RsyncProject/rsync/pull/705 Upstream issues: https://github.com/RsyncProject/rsync/issues/702 https://github.com/RsyncProject/rsync/issues/697 --- net/rsync/Makefile | 1 + net/rsync/files/patch-rsync.h | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 net/rsync/files/patch-rsync.h diff --git a/net/rsync/Makefile b/net/rsync/Makefile index 996d4edd997e..f82c3ab76fb8 100644 --- a/net/rsync/Makefile +++ b/net/rsync/Makefile @@ -1,5 +1,6 @@ PORTNAME= rsync DISTVERSION= 3.4.0 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= https://www.mirrorservice.org/sites/rsync.samba.org/src/ \ http://rsync.mirror.garr.it/src/ \ diff --git a/net/rsync/files/patch-rsync.h b/net/rsync/files/patch-rsync.h new file mode 100644 index 000000000000..ace1bf9794da --- /dev/null +++ b/net/rsync/files/patch-rsync.h @@ -0,0 +1,18 @@ +--- rsync.h.orig 2025-01-14 10:30:32.000000000 -0800 ++++ rsync.h 2025-01-15 07:41:40.301824000 -0800 +@@ -84,7 +84,6 @@ + #define FLAG_DUPLICATE (1<<4) /* sender */ + #define FLAG_MISSING_DIR (1<<4) /* generator */ + #define FLAG_HLINKED (1<<5) /* receiver/generator (checked on all types) */ +-#define FLAG_GOT_DIR_FLIST (1<<5)/* sender/receiver/generator - dir_flist only */ + #define FLAG_HLINK_FIRST (1<<6) /* receiver/generator (w/FLAG_HLINKED) */ + #define FLAG_IMPLIED_DIR (1<<6) /* sender/receiver/generator (dirs only) */ + #define FLAG_HLINK_LAST (1<<7) /* receiver/generator */ +@@ -93,6 +92,7 @@ + #define FLAG_SKIP_GROUP (1<<10) /* receiver/generator */ + #define FLAG_TIME_FAILED (1<<11)/* generator */ + #define FLAG_MOD_NSEC (1<<12) /* sender/receiver/generator */ ++#define FLAG_GOT_DIR_FLIST (1<<13)/* sender/receiver/generator - dir_flist only */ + + /* These flags are passed to functions but not stored. */ + -- 2.48.1 -- Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org NTP: <cy@nwtime.org> Web: https://nwtime.org e^(i*pi)+1=0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20250115155051.5517D22F>