Have you guys already patched or updated rsync vulnerabilities?

image920×430 25.2 KB

The recently disclosed rsync vulnerabilities (CVE-2024-12084, CVE-2024-12088, and CVE-2024-12747).

References:

• OpenWall OSS Security Mailing List Announcement
• CERT KB Vulnerability Note
• FortiGuard Threat Signal Report
• Rsync Mailing List Announcement

Yesterday my Arch installed Version 3.4.1-1 - is this the patched version?

Yes. See Arch news section post: Arch Linux - News: Critical rsync security release 3.4.0