mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
79aeef5d3545ad4ab3c424dfdba07d36ce2a5dc7
poky/meta/recipes-devtools/rsync/rsync_3.2.7.bb
Archana Polampalli 6ba335b401 rsync: fix CVE-2024-12747 
A flaw was found in rsync. This vulnerability arises from a race condition during
rsync's handling of symbolic links. Rsync's default behavior when encountering
symbolic links is to skip them. If an attacker replaced a regular file with a
symbolic link at the right time, it was possible to bypass the default behavior
and traverse symbolic links. Depending on the privileges of the rsync process,
an attacker could leak sensitive information, potentially leading to privilege escalation.

(From OE-Core rev: e85beb88add5e94567d7221e00cabfb3d5010be7)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-01-25 06:20:37 -08:00

80 lines
3.3 KiB
BlitzBasic
Raw Blame History

SUMMARY = "File synchronization tool"
HOMEPAGE = "http://rsync.samba.org/"
DESCRIPTION = "rsync is an open source utility that provides fast incremental file transfer."
BUGTRACKER = "http://rsync.samba.org/bugzilla.html"
SECTION = "console/network"
# GPL-2.0-or-later (<< 3.0.0), GPL-3.0-or-later (>= 3.0.0)
# Includes opennsh and xxhash dynamic link exception
LICENSE = "GPL-3.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=24423708fe159c9d12be1ea29fcb18c7"
DEPENDS = "popt"
SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \
file://rsyncd.conf \
file://makefile-no-rebuild.patch \
file://determism.patch \
file://0001-Add-missing-prototypes-to-function-declarations.patch \
file://CVE-2024-12084-0001.patch \
file://CVE-2024-12084-0002.patch \
file://CVE-2024-12085.patch \
file://CVE-2024-12086-0001.patch \
file://CVE-2024-12086-0002.patch \
file://CVE-2024-12086-0003.patch \
file://CVE-2024-12086-0004.patch \
file://CVE-2024-12087-0001.patch \
file://CVE-2024-12087-0002.patch \
file://CVE-2024-12087-0003.patch \
file://CVE-2024-12088.patch \
file://CVE-2024-12747.patch \
"
SRC_URI[sha256sum] = "4e7d9d3f6ed10878c58c5fb724a67dacf4b6aac7340b13e488fb2dc41346f2bb"
inherit autotools-brokensep
PACKAGECONFIG ??= "acl attr \
${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
"
PACKAGECONFIG[acl] = "--enable-acl-support,--disable-acl-support,acl,"
PACKAGECONFIG[attr] = "--enable-xattr-support,--disable-xattr-support,attr,"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
PACKAGECONFIG[lz4] = "--enable-lz4,--disable-lz4,lz4"
PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl"
PACKAGECONFIG[xxhash] = "--enable-xxhash,--disable-xxhash,xxhash"
PACKAGECONFIG[zstd] = "--enable-zstd,--disable-zstd,zstd"
# By default, if crosscompiling, rsync disables a number of
# capabilities, hardlinking symlinks and special files (i.e. devices)
CACHED_CONFIGUREVARS += "rsync_cv_can_hardlink_special=yes rsync_cv_can_hardlink_symlink=yes"
EXTRA_OEMAKE = 'STRIP=""'
EXTRA_OECONF = "--disable-md2man --with-nobody-group=nogroup"
#| ./simd-checksum-x86_64.cpp: In function 'uint32_t get_checksum1_cpp(char*, int32_t)':
#| ./simd-checksum-x86_64.cpp:89:52: error: multiversioning needs 'ifunc' which is not supported on this target
#| 89 | __attribute__ ((target("default"))) MVSTATIC int32 get_checksum1_avx2_64(schar* buf, int32 len, int32 i, uint32* ps1, uint32* ps2) { return i; }
#| | ^~~~~~~~~~~~~~~~~~~~~
#| ./simd-checksum-x86_64.cpp:480:1: error: use of multiversioned function without a default
#| 480 | }
#| | ^
#| If you can't fix the issue, re-run ./configure with --disable-roll-simd.
EXTRA_OECONF:append:libc-musl = " --disable-roll-simd"
# rsync 3.0 uses configure.sh instead of configure, and
# makefile checks the existence of configure.sh
do_configure:prepend () {
rm -f ${S}/configure ${S}/configure.sh
}
do_configure:append () {
cp -f ${S}/configure ${S}/configure.sh
}
do_install:append() {
install -d ${D}${sysconfdir}
install -m 0644 ${WORKDIR}/rsyncd.conf ${D}${sysconfdir}
}
BBCLASSEXTEND = "native nativesdk"
Reference in New Issue View Git Blame Copy Permalink