rsync: fix CVE-2025-10158 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Liyin Zhang <liyin.zhang.cn@windriver.com>	2025-12-17 16:57:52 +0800
committer	Steve Sakoman <steve@sakoman.com>	2025-12-31 07:24:54 -0800
commit	652e8fc3b9d5c586ba291041c3d15d362c24b6ea (patch)
tree	6f8a7dd73f98f4ecc3bc1a4403955b8a577b139f /meta/recipes-devtools/python/python3/python-config.patch
parent	cde4ddcfd1659b06ef4703ff7656f4d6738aaf8a (diff)
download	poky-652e8fc3b9d5c586ba291041c3d15d362c24b6ea.tar.gz

rsync: fix CVE-2025-10158

CVE-2025-10158: A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2025-10158] Upstream patch: [https://github.com/RsyncProject/rsync/commit/797e17fc4a6f15e3b1756538a9f812b63942686f] (From OE-Core rev: fe4bea86b27551edbe7440ff47041b6d45b2f4e1) Signed-off-by: Liyin Zhang <liyin.zhang.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/recipes-devtools/python/python3/python-config.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: