Release date:
2026-05-28 09:17:51 UTC
Description:
- CVE-2026-43619: fix symlink-race TOCTOU on receiver-side path-based
syscalls by routing chmod/chown/rename/mkdir/symlink/mknod/link/
unlink/rmdir/utimensat/stat/lstat/open through symlink-race-safe
do_*_at() wrappers, securing change_dir() chdir-escape and
copy_file source/dest opens; harden secure_relative_open() to
confine basedir resolution and reject all "../" components
Updated packages:
-
rsync-3.2.5-3.el9_6.tuxcare.els6.x86_64.rpm
sha:ca9b467bcf3270696c103a38392599dd67e4c8b9e80c75d75c33610edbf3b92b
-
rsync-daemon-3.2.5-3.el9_6.tuxcare.els6.noarch.rpm
sha:3945c0b1423f6328e47e836969af8cc0746395f765487276485858cc406ef972
-
rsync-rrsync-3.2.5-3.el9_6.tuxcare.els6.noarch.rpm
sha:d1b19218a4f34bc6cc329e05cfdd1f88ba944d3bf7034cf66453db331ffc77b4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
