Index: head/net/rsync/Makefile =================================================================== --- head/net/rsync/Makefile +++ head/net/rsync/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= rsync -PORTVERSION= 3.1.2 -PORTREVISION= 8 +DISTVERSION= 3.1.3 CATEGORIES= net ipv6 MASTER_SITES= http://rsync.samba.org/ftp/rsync/ \ https://rsync.samba.org/ftp/rsync/ \ Index: head/net/rsync/distinfo =================================================================== --- head/net/rsync/distinfo +++ head/net/rsync/distinfo @@ -1,4 +1,5 @@ -SHA256 (rsync-3.1.2.tar.gz) = ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2 -SIZE (rsync-3.1.2.tar.gz) = 892724 -SHA256 (rsync-patches-3.1.2.tar.gz) = edeebe9f2532ae291ce43fb86c9d7aaf80ba4edfdad25dce6d42dc33286b2326 -SIZE (rsync-patches-3.1.2.tar.gz) = 174333 +TIMESTAMP = 1518368927 +SHA256 (rsync-3.1.3.tar.gz) = 55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0 +SIZE (rsync-3.1.3.tar.gz) = 905908 +SHA256 (rsync-patches-3.1.3.tar.gz) = 0dc2848f20ca75c07a30c3237ccf8d61b61082ae7de94758a27dac350c99fb98 +SIZE (rsync-patches-3.1.3.tar.gz) = 174524 Index: head/net/rsync/files/patch-CVE-2017-16548 =================================================================== --- head/net/rsync/files/patch-CVE-2017-16548 +++ head/net/rsync/files/patch-CVE-2017-16548 @@ -1,31 +0,0 @@ -From: Wayne Davison -Date: Sun, 5 Nov 2017 11:33:15 -0800 -Subject: Enforce trailing \0 when receiving xattr name values. Fixes bug - 13112. -Origin: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 -Bug: https://bugzilla.samba.org/show_bug.cgi?id=13112 -Bug-Debian: https://bugs.debian.org/880954 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-16548 - ---- - xattrs.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/xattrs.c b/xattrs.c -index 68305d75..4867e6f5 100644 ---- a/xattrs.c -+++ b/xattrs.c -@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file) - out_of_memory("receive_xattr"); - name = ptr + dget_len + extra_len; - read_buf(f, name, name_len); -+ if (name_len < 1 || name[name_len-1] != '\0') { -+ rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n"); -+ exit_cleanup(RERR_FILEIO); -+ } - if (dget_len == datum_len) - read_buf(f, ptr, dget_len); - else { --- -2.15.1 - Index: head/net/rsync/files/patch-CVE-2017-17433 =================================================================== --- head/net/rsync/files/patch-CVE-2017-17433 +++ head/net/rsync/files/patch-CVE-2017-17433 @@ -1,44 +0,0 @@ -From: Jeriko One -Date: Thu, 2 Nov 2017 23:44:19 -0700 -Subject: Check fname in recv_files sooner. -Origin: https://git.samba.org/?p=rsync.git;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51 -Bug-Debian: https://bugs.debian.org/883667 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17433 - ---- - receiver.c | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/receiver.c b/receiver.c -index baae3a91..9fdafa15 100644 ---- a/receiver.c -+++ b/receiver.c -@@ -574,6 +574,12 @@ int recv_files(int f_in, int f_out, char *local_name) - file = dir_flist->files[cur_flist->parent_ndx]; - fname = local_name ? local_name : f_name(file, fbuf); - -+ if (daemon_filter_list.head -+ && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) { -+ rprintf(FERROR, "attempt to hack rsync failed.\n"); -+ exit_cleanup(RERR_PROTOCOL); -+ } -+ - if (DEBUG_GTE(RECV, 1)) - rprintf(FINFO, "recv_files(%s)\n", fname); - -@@ -645,12 +651,6 @@ int recv_files(int f_in, int f_out, char *local_name) - - cleanup_got_literal = 0; - -- if (daemon_filter_list.head -- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) { -- rprintf(FERROR, "attempt to hack rsync failed.\n"); -- exit_cleanup(RERR_PROTOCOL); -- } -- - if (read_batch) { - int wanted = redoing - ? we_want_redo(ndx) --- -2.15.1 - Index: head/net/rsync/files/patch-CVE-2017-17434-1 =================================================================== --- head/net/rsync/files/patch-CVE-2017-17434-1 +++ head/net/rsync/files/patch-CVE-2017-17434-1 @@ -1,38 +0,0 @@ -From: Jeriko One -Date: Thu, 16 Nov 2017 17:05:42 -0800 -Subject: [1/2] Sanitize xname in read_ndx_and_attrs. -Origin: https://git.samba.org/?p=rsync.git;a=commit;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9 -Bug-Debian: https://bugs.debian.org/883665 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17434 - ---- - rsync.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/rsync.c b/rsync.c -index b82e5988..a0945ba4 100644 ---- a/rsync.c -+++ b/rsync.c -@@ -49,6 +49,7 @@ extern int flist_eof; - extern int file_old_total; - extern int keep_dirlinks; - extern int make_backups; -+extern int sanitize_paths; - extern struct file_list *cur_flist, *first_flist, *dir_flist; - extern struct chmod_mode_struct *daemon_chmod_modes; - #ifdef ICONV_OPTION -@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr, - if (iflags & ITEM_XNAME_FOLLOWS) { - if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0) - exit_cleanup(RERR_PROTOCOL); -+ -+ if (sanitize_paths) { -+ sanitize_path(buf, buf, "", 0, SP_DEFAULT); -+ len = strlen(buf); -+ } - } else { - *buf = '\0'; - len = -1; --- -2.15.1 - Index: head/net/rsync/files/patch-CVE-2017-17434-2 =================================================================== --- head/net/rsync/files/patch-CVE-2017-17434-2 +++ head/net/rsync/files/patch-CVE-2017-17434-2 @@ -1,27 +0,0 @@ -From: Jeriko One -Date: Thu, 16 Nov 2017 17:26:03 -0800 -Subject: [2/2] Check daemon filter against fnamecmp in recv_files(). -Origin: https://git.samba.org/?p=rsync.git;a=commit;h=5509597decdbd7b91994210f700329d8a35e70a1 -Bug-Debian: https://bugs.debian.org/883665 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17434 - ---- - receiver.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/receiver.c b/receiver.c -index 9fdafa15..9c46242e 100644 ---- a/receiver.c -+++ b/receiver.c -@@ -722,7 +722,7 @@ int recv_files(int f_in, int f_out, char *local_name) - break; - } - if (!fnamecmp || (daemon_filter_list.head -- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0)) { -+ && check_filter(&daemon_filter_list, FLOG, fnamecmp, 0) < 0)) { - fnamecmp = fname; - fnamecmp_type = FNAMECMP_FNAME; - } --- -2.15.1 -