Issued:
2022-05-18
Updated:
2022-05-18

RHSA-2022:4592 - Security Advisory

Synopsis

Important: rsync security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rsync is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

Security Fix(es):

  • zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

Red Hat Enterprise Linux for x86_64 9

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
x86_64
rsync-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: 9b5db090c4614f8221bd84e9bf47ba413fd61f1e13b2323f6b7a1abd018d5b08
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: dc4f2e0a0b22cd7e9f12c8f77d381a35c30c0f5c9cad353936ebdef7eb10ec1b
rsync-debugsource-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: 1d76f31d59f0fa20567060c8f16d63c37237d7d33a12f29dea7322e8e15f7204

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
x86_64
rsync-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: 9b5db090c4614f8221bd84e9bf47ba413fd61f1e13b2323f6b7a1abd018d5b08
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: dc4f2e0a0b22cd7e9f12c8f77d381a35c30c0f5c9cad353936ebdef7eb10ec1b
rsync-debugsource-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: 1d76f31d59f0fa20567060c8f16d63c37237d7d33a12f29dea7322e8e15f7204

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
s390x
rsync-3.2.3-9.el9_0.1.s390x.rpm SHA-256: 56330d5d16a0f645b5324a1339db8e7f8aae98ce95ee23a00487da6067770dd3
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.s390x.rpm SHA-256: c433dd15db58ad31ecebf0fb63d56bddca27e1c781716565c1d183a30afc0d95
rsync-debugsource-3.2.3-9.el9_0.1.s390x.rpm SHA-256: 3e3d45f53b5431ee073c0aa740d629fb74b301829d1200b2728bfb12b5e44d9b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
s390x
rsync-3.2.3-9.el9_0.1.s390x.rpm SHA-256: 56330d5d16a0f645b5324a1339db8e7f8aae98ce95ee23a00487da6067770dd3
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.s390x.rpm SHA-256: c433dd15db58ad31ecebf0fb63d56bddca27e1c781716565c1d183a30afc0d95
rsync-debugsource-3.2.3-9.el9_0.1.s390x.rpm SHA-256: 3e3d45f53b5431ee073c0aa740d629fb74b301829d1200b2728bfb12b5e44d9b

Red Hat Enterprise Linux for Power, little endian 9

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
ppc64le
rsync-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: 766b0552f535a806b2954b96dbc142ee5bc8144f8071c944d11852ddfc2c931c
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: fdff471aa3a1d09dae787b9a9233aa2e7035648d405f13021bb67caa6dfd10bb
rsync-debugsource-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: 59621258f3d63d27a31d3a01fffc0a77bf4a5b1f5db4521c8a398a73df856756

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
ppc64le
rsync-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: 766b0552f535a806b2954b96dbc142ee5bc8144f8071c944d11852ddfc2c931c
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: fdff471aa3a1d09dae787b9a9233aa2e7035648d405f13021bb67caa6dfd10bb
rsync-debugsource-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: 59621258f3d63d27a31d3a01fffc0a77bf4a5b1f5db4521c8a398a73df856756

Red Hat Enterprise Linux for ARM 64 9

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
aarch64
rsync-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: 240b904619704c9316660a893f38354e0b4437e8a697ba8e3baae32055518bdb
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: b4966ee0c9e20b92266da344d5de96e1a1a90d87723ba2e44b8ab924826db49b
rsync-debugsource-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: beec3d5d9e499d36fc89ddf050f835ea0f1387ea258a08910f54bf48089af489

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
aarch64
rsync-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: 240b904619704c9316660a893f38354e0b4437e8a697ba8e3baae32055518bdb
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: b4966ee0c9e20b92266da344d5de96e1a1a90d87723ba2e44b8ab924826db49b
rsync-debugsource-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: beec3d5d9e499d36fc89ddf050f835ea0f1387ea258a08910f54bf48089af489

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
ppc64le
rsync-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: 766b0552f535a806b2954b96dbc142ee5bc8144f8071c944d11852ddfc2c931c
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: fdff471aa3a1d09dae787b9a9233aa2e7035648d405f13021bb67caa6dfd10bb
rsync-debugsource-3.2.3-9.el9_0.1.ppc64le.rpm SHA-256: 59621258f3d63d27a31d3a01fffc0a77bf4a5b1f5db4521c8a398a73df856756

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
x86_64
rsync-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: 9b5db090c4614f8221bd84e9bf47ba413fd61f1e13b2323f6b7a1abd018d5b08
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: dc4f2e0a0b22cd7e9f12c8f77d381a35c30c0f5c9cad353936ebdef7eb10ec1b
rsync-debugsource-3.2.3-9.el9_0.1.x86_64.rpm SHA-256: 1d76f31d59f0fa20567060c8f16d63c37237d7d33a12f29dea7322e8e15f7204

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
aarch64
rsync-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: 240b904619704c9316660a893f38354e0b4437e8a697ba8e3baae32055518bdb
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: b4966ee0c9e20b92266da344d5de96e1a1a90d87723ba2e44b8ab924826db49b
rsync-debugsource-3.2.3-9.el9_0.1.aarch64.rpm SHA-256: beec3d5d9e499d36fc89ddf050f835ea0f1387ea258a08910f54bf48089af489

Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0

SRPM
rsync-3.2.3-9.el9_0.1.src.rpm SHA-256: 14fff187f0170ce46bba6a14d0c9e9dffdb78e9608166df8421985c27c6247e3
s390x
rsync-3.2.3-9.el9_0.1.s390x.rpm SHA-256: 56330d5d16a0f645b5324a1339db8e7f8aae98ce95ee23a00487da6067770dd3
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm SHA-256: fdd76e5fa9d1a510273eb9f86dcb0abe85e800d7930f73c6d5f3b16075cf8c72
rsync-debuginfo-3.2.3-9.el9_0.1.s390x.rpm SHA-256: c433dd15db58ad31ecebf0fb63d56bddca27e1c781716565c1d183a30afc0d95
rsync-debugsource-3.2.3-9.el9_0.1.s390x.rpm SHA-256: 3e3d45f53b5431ee073c0aa740d629fb74b301829d1200b2728bfb12b5e44d9b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.