Release date:
2026-07-02 08:36:15 UTC
Description:
- CVE-2026-45232: fix off-by-one out-of-bounds stack write in
establish_proxy_connection() when a malicious HTTP proxy returns an
over-long response line without a newline; reject the buffer-full
case instead of writing the NUL terminator one byte past the buffer
Updated packages:
-
rsync-3.2.3-19.el9_2.tuxcare.els11.x86_64.rpm
sha:90e9607fc23cbb87f57c4e16ccc4bcaf3950057b6edc1688d154c0685abf004f
-
rsync-daemon-3.2.3-19.el9_2.tuxcare.els11.noarch.rpm
sha:e90a9f35f11fc3e4b870ca1f3af8b4932d752d87c0a7afcc6469db093dfd106c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.