-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 27 Nov 2025 21:29:04 -0300
Source: rsync
Architecture: source
Version: 3.4.1+ds1-5+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Samuel Henrique <samueloph@debian.org>
Changed-By: Matheus Polkorny <mpolkorny@gmail.com>
Changes:
 rsync (3.4.1+ds1-5+deb13u1) trixie; urgency=medium
 .
   * Team upload.
   * d/p/CVE-2025-10158.patch: Import upstream patch to fix CVE-2025-10158
 .
     A malicious client acting as the receiver of an rsync file transfer
     can trigger an out of bounds read of a heap based buffer,
     via a negative array index.
Checksums-Sha1:
 fe45c30d335b9ebaf8e583ebbfac494bfe06c8a8 2224 rsync_3.4.1+ds1-5+deb13u1.dsc
 0c5e6d29a72058777cbea8c3ca2d498914f351ab 36672 rsync_3.4.1+ds1-5+deb13u1.debian.tar.xz
 7ef369b3b21e37220b84445c78b57053b3a72c7e 6919 rsync_3.4.1+ds1-5+deb13u1_amd64.buildinfo
Checksums-Sha256:
 7e0d5d074c2c371f38b38a71ebe6a6802c3bee567dbd93d087fc4349e4daca55 2224 rsync_3.4.1+ds1-5+deb13u1.dsc
 9aeeaf1688d2d4b6aa252e5399327bba04bc0aed372f84c69f25f22f51ee23f7 36672 rsync_3.4.1+ds1-5+deb13u1.debian.tar.xz
 b4fd1054974294d99415c8de2e57034d5f0a97dec5fc17f553cf093841394e5e 6919 rsync_3.4.1+ds1-5+deb13u1_amd64.buildinfo
Files:
 0f848ebae3e624714df349158a94d381 2224 net optional rsync_3.4.1+ds1-5+deb13u1.dsc
 1187b8616a5cc0d2ed12474e880e1a4c 36672 net optional rsync_3.4.1+ds1-5+deb13u1.debian.tar.xz
 0b0bbbbe53471eaffb43e94b294a8dfa 6919 net optional rsync_3.4.1+ds1-5+deb13u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmlHl1YACgkQu6n6rcz7
RwcGehAApoCzEzRjkwFkKZpTr77SU5k+xbrr2SQjwLJXtnQUjsF0oh9Tykvsdg/U
Jd5VngtOOvhj1K3wNMMA4/h0AHa81zGGuMwudl3JblF7mr2kHCZqbU4EVpNCwLI0
fGijmJ0UC0cO8Az7WBtOcXtaoR0AB0gUdSkRNFElIvohVOoyw/kxSprb7UwVKQ5B
CkXEce36PIyKUgUKxRT7fx9rYrgP3XdidNVDc3gM1hVOVEsVuTSEr1JaUy/OOVMD
34sruAvUR3/uEmHIU9imkC0Hcs8z4KaMn7HZ+mIRUan00yFi0CnPCAp/rANhfkif
hgcxotKfGTWHBnxn10iI0NeKxwXzZM+CdGqyuKj7VrWR3QG2oi8IQL2uwWd1dZ9H
j/Pz+nlpbgcCD5CibieqARmJjnIEernUH64GzyzcRmTSkt7FJx0xwgodVA7nFVry
K2XQbHPlHWJtXEAY0Z/Fbgu95YM/HeLKya8UGYXwchFRxb9JqayRulow1ZKyph6p
cywvU8qc47x++LOLHjtCks7XfQFIX9FDzbTorqiflODchy0auHSeg81Hx8Showvo
bK9A4bqSTOIH8xtP290ILnewHMOFbtbwQrk+zV0dcOzicxZgOgew9YHvtFJBeLcl
uIyGezEzJ++vrPsSCEbQFxv0rQ4lnH1NVyo4Kpm4CKl6sx5ddKY=
=jbaO
-----END PGP SIGNATURE-----