On Fri, Jan 17, 2025 at 10:57:53PM +0100, poc...@homemail.com wrote: > > From: "Andy Smith" <a...@strugglers.net> > > On Fri, Jan 17, 2025 at 03:42:48AM +0100, poc...@homemail.com wrote: > > > > From: "Andy Smith" <a...@strugglers.net> > > > > You can verify this at: > > > > > > > > https://security-tracker.debian.org/tracker/source-package/rsync > > > > > > https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-rsync-could-allow-for-remote-code-execution_2025-007 > > > > Okay, I'll try one more time. > > > > The link you gave above talks about the following security issues: > > > > CVE-2024-12085 > > CVE-2024-12086 > > CVE-2024-12087 > > CVE-2024-12088 > > CVE-2024-12747 > > > > The link that I gave you shows that all of the above already have fixes > > backported to Debian stable-security.
[…] > Has the following been Fixed or back ported to 3.2.7? Your unwillingness to engage with any responses and the way you just keep hammering away with your incorrect understanding doesn't look like you are posting in good faith. The link you posted had CVE numbers for everything it listed, and I showed you how to see that all of those CVE numbers already had corresponding fixes in Debian stable-security. Instead of acknowledging that you have already posted incorrect information twice in this thread, you instead post another big list without CVE numbers and ask the same question. I can see just at a glance that a number of those are things you already asked about and have already been shown are fixed. You need to take that information on board and acknowledge where your understanding has been lacking instead of just posting the same thing again. I am not going to do the further work of finding a CVE number for every one of the things you list and check it's already been fixed in Debian. I did it once already and you just ignored it. You already have the knowledge required to find a CVE number for these issues and check it yourself, so I suggest you do that if you are still curious. Thanks, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting
