Red Hat Product Errata RHSA-2025:0324 - Security Advisory
Issued:
2025-01-15
Updated:
2025-01-15

RHSA-2025:0324 - Security Advisory

Synopsis

Important: rsync security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rsync is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool.

Security Fix(es):

  • rsync: Info Leak via Uninitialized Stack Contents (CVE-2024-12085)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

  • BZ - 2330539 - CVE-2024-12085 rsync: Info Leak via Uninitialized Stack Contents

Red Hat Enterprise Linux for x86_64 9

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
x86_64
rsync-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: cb9b3bbbba8f4f00414da7ce1b2ae12c8f3313a7ddb8b1162d60a690ca7e3a98
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: 97e72d2f15a0a72bded76eb97bbbfbb64d5e9c51d284e0e865689403fc3b93a0
rsync-debugsource-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: a3bf47b228e51522fc173bb2b5d329507178d3825bae4770e8be06cc4e0ef0e2

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
x86_64
rsync-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: cb9b3bbbba8f4f00414da7ce1b2ae12c8f3313a7ddb8b1162d60a690ca7e3a98
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: 97e72d2f15a0a72bded76eb97bbbfbb64d5e9c51d284e0e865689403fc3b93a0
rsync-debugsource-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: a3bf47b228e51522fc173bb2b5d329507178d3825bae4770e8be06cc4e0ef0e2

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
x86_64
rsync-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: cb9b3bbbba8f4f00414da7ce1b2ae12c8f3313a7ddb8b1162d60a690ca7e3a98
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: 97e72d2f15a0a72bded76eb97bbbfbb64d5e9c51d284e0e865689403fc3b93a0
rsync-debugsource-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: a3bf47b228e51522fc173bb2b5d329507178d3825bae4770e8be06cc4e0ef0e2

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
s390x
rsync-3.2.3-20.el9_5.1.s390x.rpm SHA-256: da733c8c0afb85c1d3c5c1c637c3e4ba23fc083f02fb4298915cb12891f151f3
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.s390x.rpm SHA-256: 7f6b809a93d9609d0ef223bcb631b2d6b3ff82a6b69f53041120eb3a1355f311
rsync-debugsource-3.2.3-20.el9_5.1.s390x.rpm SHA-256: 184ae151146d02b633f80cf0219fbd32230742907d94e6b453cade3cbe4e1ad4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
s390x
rsync-3.2.3-20.el9_5.1.s390x.rpm SHA-256: da733c8c0afb85c1d3c5c1c637c3e4ba23fc083f02fb4298915cb12891f151f3
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.s390x.rpm SHA-256: 7f6b809a93d9609d0ef223bcb631b2d6b3ff82a6b69f53041120eb3a1355f311
rsync-debugsource-3.2.3-20.el9_5.1.s390x.rpm SHA-256: 184ae151146d02b633f80cf0219fbd32230742907d94e6b453cade3cbe4e1ad4

Red Hat Enterprise Linux for Power, little endian 9

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
ppc64le
rsync-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: cdaf5865066cf04fdecbaeafdde5c69126a949426fe03966f4db30061ba5f67e
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: 215bd1812c5faa31271984104cf618183621c54db4d3ea70534c9d05d969f798
rsync-debugsource-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: b80811e512f9c0d676618dc571c1d2b800590560408d1a9ca4aadc3e47230b56

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
ppc64le
rsync-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: cdaf5865066cf04fdecbaeafdde5c69126a949426fe03966f4db30061ba5f67e
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: 215bd1812c5faa31271984104cf618183621c54db4d3ea70534c9d05d969f798
rsync-debugsource-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: b80811e512f9c0d676618dc571c1d2b800590560408d1a9ca4aadc3e47230b56

Red Hat Enterprise Linux for ARM 64 9

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
aarch64
rsync-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: cfe364a3eec12784b2397428ed21d7300a3cab826ec04208ff8e7a8539b73ccd
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: 7555a131a82851aed10501f87710e4bbf6a7cc92e2a44be751f07064c400ec71
rsync-debugsource-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: b84c81107791c93c257038baa1dfa78b08d714bec0b697dab33a6f8ed4f780fe

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
aarch64
rsync-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: cfe364a3eec12784b2397428ed21d7300a3cab826ec04208ff8e7a8539b73ccd
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: 7555a131a82851aed10501f87710e4bbf6a7cc92e2a44be751f07064c400ec71
rsync-debugsource-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: b84c81107791c93c257038baa1dfa78b08d714bec0b697dab33a6f8ed4f780fe

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
ppc64le
rsync-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: cdaf5865066cf04fdecbaeafdde5c69126a949426fe03966f4db30061ba5f67e
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: 215bd1812c5faa31271984104cf618183621c54db4d3ea70534c9d05d969f798
rsync-debugsource-3.2.3-20.el9_5.1.ppc64le.rpm SHA-256: b80811e512f9c0d676618dc571c1d2b800590560408d1a9ca4aadc3e47230b56

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
x86_64
rsync-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: cb9b3bbbba8f4f00414da7ce1b2ae12c8f3313a7ddb8b1162d60a690ca7e3a98
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: 97e72d2f15a0a72bded76eb97bbbfbb64d5e9c51d284e0e865689403fc3b93a0
rsync-debugsource-3.2.3-20.el9_5.1.x86_64.rpm SHA-256: a3bf47b228e51522fc173bb2b5d329507178d3825bae4770e8be06cc4e0ef0e2

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
aarch64
rsync-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: cfe364a3eec12784b2397428ed21d7300a3cab826ec04208ff8e7a8539b73ccd
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: 7555a131a82851aed10501f87710e4bbf6a7cc92e2a44be751f07064c400ec71
rsync-debugsource-3.2.3-20.el9_5.1.aarch64.rpm SHA-256: b84c81107791c93c257038baa1dfa78b08d714bec0b697dab33a6f8ed4f780fe

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
rsync-3.2.3-20.el9_5.1.src.rpm SHA-256: 4f42723607753b0009f4075f42a7a6d4d5090c253c3127774b249eda524c4045
s390x
rsync-3.2.3-20.el9_5.1.s390x.rpm SHA-256: da733c8c0afb85c1d3c5c1c637c3e4ba23fc083f02fb4298915cb12891f151f3
rsync-daemon-3.2.3-20.el9_5.1.noarch.rpm SHA-256: fca6d4f756cd21b828885acee1c48b19802df54f51be8e628c2e220450640c12
rsync-debuginfo-3.2.3-20.el9_5.1.s390x.rpm SHA-256: 7f6b809a93d9609d0ef223bcb631b2d6b3ff82a6b69f53041120eb3a1355f311
rsync-debugsource-3.2.3-20.el9_5.1.s390x.rpm SHA-256: 184ae151146d02b633f80cf0219fbd32230742907d94e6b453cade3cbe4e1ad4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.