Mon Aug 15 20:23:47 UTC 202220220815202347_15.0

patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txz:  Upgraded.
  Added some file-list safety checking that helps to ensure that a rogue
  sending rsync can't add unrequested top-level names and/or include recursive
  names that should have been excluded by the sender. These extra safety
  checks only require the receiver rsync to be updated. When dealing with an
  untrusted sending host, it is safest to copy into a dedicated destination
  directory for the remote content (i.e. don't copy into a destination
  directory that contains files that aren't from the remote host unless you
  trust the remote host).
  For more information, see:
   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
  (* Security fix *)

1 files changed, 14 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 3f043ad8a..cae87ac9b 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,17 @@
+Mon Aug 15 20:23:47 UTC 2022
+patches/packages/rsync-3.2.5-x86_64-1_slack15.0.txz:  Upgraded.
+  Added some file-list safety checking that helps to ensure that a rogue
+  sending rsync can't add unrequested top-level names and/or include recursive
+  names that should have been excluded by the sender. These extra safety
+  checks only require the receiver rsync to be updated. When dealing with an
+  untrusted sending host, it is safest to copy into a dedicated destination
+  directory for the remote content (i.e. don't copy into a destination
+  directory that contains files that aren't from the remote host unless you
+  trust the remote host).
+  For more information, see:
+   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
+  (* Security fix *)
++--------------------------+
 Sat Aug 13 19:12:40 UTC 2022
 patches/packages/glibc-zoneinfo-2022b-noarch-1_slack15.0.txz:  Upgraded.
   This package provides the latest timezone updates.