[Deepin Integration]~[v25-Release] fix(rsync): CVE-2026-41035 use-after-free in receive_xattr by deepin-ci-robot@deepin-community/rsync by deepin-community-ci-bot[bot]

### Package information | 软件包信息

包名 | 版本
--  | --
rsync | [3.4.1+ds1-7deepin1](https://github.com/deepin-community/rsync/commit/80f1f3982198a391ea348ad6061fe2942a666349)

### Package repository address | 软件包仓库地址

    deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3979/testing/ ./

### Changelog | 更新信息

#### rsync (3.4.1+ds1-7deepin1) unstable; urgency=medium

  * d/p/CVE-2026-41035.patch: Import upstream patch to fix CVE-2026-41035

    In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted
    length value during a qsort call, leading to a receiver use-after-free.
    (Closes: #1134617)




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Deepin Integration]~[v25-Release] fix(rsync): CVE-2026-41035 use-after-free in receive_xattr by deepin-ci-robot@deepin-community/rsync by deepin-community-ci-bot[bot] #13235

Package information | 软件包信息

Package repository address | 软件包仓库地址

Changelog | 更新信息

rsync (3.4.1+ds1-7deepin1) unstable; urgency=medium

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[Deepin Integration]~[v25-Release] fix(rsync): CVE-2026-41035 use-after-free in receive_xattr by deepin-ci-robot@deepin-community/rsync by deepin-community-ci-bot[bot] #13235

Description

Package information | 软件包信息

Package repository address | 软件包仓库地址

Changelog | 更新信息

rsync (3.4.1+ds1-7deepin1) unstable; urgency=medium

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions