14 lines
1.2 KiB
JSON
14 lines
1.2 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-1853",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1853",
|
|
"title": "An update for rsync is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
|
"severity": "Critical",
|
|
"description": "Rsync is an open source utility that provides fast incremental file transfer. It uses the \"rsync algorithm\" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files are present at one of the ends of the link beforehand.\r\n\r\nSecurity Fix(es):\r\n\nzlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).(CVE-2022-37434)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-37434",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37434",
|
|
"severity": "Critical"
|
|
}
|
|
]
|
|
} |