[ALSA-2022:2201] rsync security update
An update for rsync is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.
Security Fix(es):
- zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Package | Affected Version |
|---|---|
 pkg:rpm/almalinux/rsync?arch=x86_64&distro=almalinux-8.6
|
< 3.1.3-14.el8_6.2 |
|
pkg:rpm/almalinux/rsync?arch=x86_64&distro=almalinux-8
|
< 3.1.3-14.el8 |
|
pkg:rpm/almalinux/rsync?arch=aarch64&distro=almalinux-8.6
|
< 3.1.3-14.el8_6.2 |
|
pkg:rpm/almalinux/rsync?arch=aarch64&distro=almalinux-8
|
< 3.1.3-14.el8 |
|
pkg:rpm/almalinux/rsync-daemon?arch=noarch&distro=almalinux-8.6
|
< 3.1.3-14.el8_6.2 |
|
pkg:rpm/almalinux/rsync-daemon?arch=noarch&distro=almalinux-8
|
< 3.1.3-14.el8 |
- ID
- ALSA-2022:2201
- Severity
- important
- URL
- https://errata.almalinux.org/ALSA-2022:2201.html
- Published
-
2022-05-11T13:23:26
(2 years ago) - Modified
-
2022-05-11T13:23:26
(2 years ago) - Rights
- Copyright 2022 AlmaLinux OS
- Other Advisories
-
-
ALAS-2022-1602
-
ALAS-2022-1640
-
ALAS2-2022-1772
-
ALPINE:CVE-2018-25032
-
ALSA-2022:1642
-
ALSA-2022:7813
-
ASA-202204-3
-
DSA-5111-1
-
ELSA-2022-1642
-
ELSA-2022-2201
-
ELSA-2022-2213
-
ELSA-2022-4584
-
ELSA-2022-4592
-
ELSA-2022-8420
-
ELSA-2022-9565
-
FEDORA-2022-12b89e2aad
-
FEDORA-2022-3a92250fd5
-
FEDORA-2022-413a80a102
-
FEDORA-2022-61cf1c64f6
-
FEDORA-2022-b58a85e167
-
FEDORA-2022-dbd2935e44
-
FREEBSD:36D10AF7-248D-11ED-856E-D4C9EF517024
-
FREEBSD:38F2E3A0-B61E-11EC-9EBC-1C697AA5A594
-
FREEBSD:8E150606-08C9-11ED-856E-D4C9EF517024
-
GLSA-202210-42
-
GLSA-202405-22
-
MS:CVE-2018-25032
-
openSUSE-SU-2022:1061-1
-
RHSA-2022:1642
-
RHSA-2022:2201
-
RHSA-2022:2213
-
RHSA-2022:4584
-
RHSA-2022:4592
-
RHSA-2022:7813
-
RHSA-2022:8420
-
RLSA-2022:1642
-
RLSA-2022:2201
-
RUBYSEC:NOKOGIRI-2018-25032
-
SSA:2022-087-01
-
SSA:2022-228-01
-
SUSE-SU-2022:1023-1
-
SUSE-SU-2022:1043-1
-
SUSE-SU-2022:1061-1
-
SUSE-SU-2022:1061-2
-
SUSE-SU-2022:1062-1
-
SUSE-SU-2022:3225-1
-
USN-5355-1
-
USN-5355-2
-
USN-5359-1
-
USN-5359-2
-
USN-5739-1
-
USN-6736-1
-
USN-6736-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Self | ALSA-2022-2201 |
|
|
| CVE | CVE-2018-25032 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/almalinux/rsync?arch=x86_64&distro=almalinux-8.6 | almalinux |
rsync
|
< 3.1.3-14.el8_6.2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/rsync?arch=x86_64&distro=almalinux-8 | almalinux |
rsync
|
< 3.1.3-14.el8 | almalinux-8 | x86_64 | |
| Affected | pkg:rpm/almalinux/rsync?arch=aarch64&distro=almalinux-8.6 | almalinux |
rsync
|
< 3.1.3-14.el8_6.2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/rsync?arch=aarch64&distro=almalinux-8 | almalinux |
rsync
|
< 3.1.3-14.el8 | almalinux-8 | aarch64 | |
| Affected | pkg:rpm/almalinux/rsync-daemon?arch=noarch&distro=almalinux-8.6 | almalinux |
rsync-daemon
|
< 3.1.3-14.el8_6.2 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/rsync-daemon?arch=noarch&distro=almalinux-8 | almalinux |
rsync-daemon
|
< 3.1.3-14.el8 | almalinux-8 | noarch |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |