Date: Fri, 17 Jan 2025 11:49:03 +0000 From: Liam Proven <liam.proven@sitpub.com> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Serious rsync security issues Message-ID: <CAJgUTdkMRvdH4JempSmpeeq2eTOnKWvme%2B6dLN7RWTCsZMj7uw@mail.gmail.com> In-Reply-To: <CAHzLAVFZzDKSnMDdzoLPOzY2q-8uNHPWutmvU97zXYS2vc9Zrw@mail.gmail.com> References: <wZLuLkwazDCoRo0ZPIV8GRbRz_nELAq5DJlWTSWe3bXHAwG1tNABShCEL8zfFkAh9viyhGnNf1QvPnJcpWRuTbqMUE8tRD5XURUWrUaoTVs=@protonmail.com> <CAHzLAVFZzDKSnMDdzoLPOzY2q-8uNHPWutmvU97zXYS2vc9Zrw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 16 Jan 2025 at 23:16, Vincent Miller <vrwmiller@gmail.com> wrote: > > The port is at 3.4.1. If I'm not mistaken the vulnerabilities are in 3.4.0. You _are_ mistaken. 3.4.0 was the version that fixed the issues. The most serious issue, CVSS 9.8, affects all versions since 3.2.7. The other 5 affect all known versions. -- Liam Proven ~ lproven@sitpub.com Open Source Reporter, the Register ~ https://www.theregister.com/ Isle of Man tel: +44 7624 227612 ~ UK tel: +44 7939 087884 (*not* 24x7) Czech tel: +420 702 829 053 (also WhatsApp/Telegram/Signal)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJgUTdkMRvdH4JempSmpeeq2eTOnKWvme%2B6dLN7RWTCsZMj7uw>