-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 20 May 2026 08:10:17 +0200
Source: rsync
Binary: rsync rsync-dbgsym
Architecture: s390x
Version: 3.2.7-1+deb12u5
Distribution: bookworm-security
Urgency: high
Maintainer: s390x Build Daemon (zandonai) <buildd_s390x-zandonai@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 rsync      - fast, versatile, remote (and local) file-copying tool
Changes:
 rsync (3.2.7-1+deb12u5) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address several vulnerabilities
     - CVE-2026-29518: Symlink-race TOCTOU in daemon (use chroot = no)
     - CVE-2026-43617: Authorization bypass via hostname resolution (daemon
       chroot mode)
     - CVE-2026-43618: Integer overflow in compressed-token decoder (info
       disclosure)
     - CVE-2026-43619: Symlink-race conditions in path-based syscalls
     - CVE-2026-43620: Out-of-bounds array read in receiver recv_files()
   * d/t/upstream-tests: Build t_chmod_secure and t_secure_relpath
   * Fix relative paths in aclocal.m4 copy upstream for
     m4/{have_type,header_major_fixed,socklen_t}.m4
Checksums-Sha1:
 a6bba295a4698a7ea0134372153014fb8ac9cb9f 522460 rsync-dbgsym_3.2.7-1+deb12u5_s390x.deb
 c781178b4c38ebf207808c650a17ec42b6de1b2a 6957 rsync_3.2.7-1+deb12u5_s390x-buildd.buildinfo
 603daa22a4d20a8e5b249ff71bf6b535f2fedaed 403452 rsync_3.2.7-1+deb12u5_s390x.deb
Checksums-Sha256:
 d3dd6f4252675dbdc9110dc8d42b7512b5363b837cd537d784531fef75c8a79b 522460 rsync-dbgsym_3.2.7-1+deb12u5_s390x.deb
 1f9eb46e884e5b10f1460e7fe5d165ff2204eb6a4d7ec6ce58c0fa58d1a6927d 6957 rsync_3.2.7-1+deb12u5_s390x-buildd.buildinfo
 68e529aa4324d1abc41bc66296f2f4fa567498931881ec2bba29db2bd489ba22 403452 rsync_3.2.7-1+deb12u5_s390x.deb
Files:
 439fcea9a296f37780644a5338714789 522460 debug optional rsync-dbgsym_3.2.7-1+deb12u5_s390x.deb
 c053391ce77e07e4397f27d9ccdecd22 6957 net optional rsync_3.2.7-1+deb12u5_s390x-buildd.buildinfo
 912f71712ee0701b5a81116d400cb513 403452 net optional rsync_3.2.7-1+deb12u5_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEENly2ANlpa4eeqnluvVOPI7pYNpgFAmoNYqUACgkQvVOPI7pY
NpgXqA/5AXNGcYhYylwnPnIBYxA+dN8ivfofpZwcHVhxKTdLl94dItdMHJjQqfvm
qFTeihE5vgPTnXC4ZQLVLQomMYSOrpvAQsIkZMo0GZmgiITvCWQRSkFZUMvTXwBH
uCYHJcj/buKxQylRrYEuuK+i6LqYMWUPMevr/uLjD/o9LEQqWieztWKh2Z60X/25
K06dw/Loaw1XgL6KYIfE54useBHoZBV2p8+gRFJ9Dc/M3UnB0NQWzESkKph3Pbbe
0EkKMEQHV0AlMFKW+PgGO01HRjM8g/3GxRc3WqByYpSHl6t4LMkFv9buRQv9wVIg
FBT1DXPwXACR6EDCutcmTQfwPQ/Ux4GbXeKRBRZDVvs7yNP4OfZl63P6tVW294hy
tpC4a4fMnIHxu3mpbiLyp7RqnlNMaHjs//svHLajB0ozRaztGyMrL+hWsmAyHfsG
7EY6XC3M4dbLOx00ppnqRRnCRsyM/B9G3rVVHOh3HzulwvicOz/vqdIHEpufMT7W
llNbYRgTbz0sPhXRoaTRVasFUXUmAF8ADpvq4nTw00NPgqJCdKtKW1H3NaBnVRvl
JqIKtnM5RW1VeXcmxougsV27gnHh9oEt2h2gBoaGnUgemDIIrmeuvENjfUCl9j9M
Im441UBcrgBojF1XbqKYOOVTX5PY87EhzCFXzPO6QiuHd81L3hk=
=Wgsq
-----END PGP SIGNATURE-----