Fixes for a critical rsync vulnerability (CVE-2024-12084) have been released for Stable/Bookworm, Testing and Unstable. Oldstable/Bullseye is not affected. Fixes for other lower severity CVEs have also been released in the same update and can all be tracked at The fixed Stable version is 3.2.7-1+deb12u1 and the fixed Testing/Unstable version is 3.3.0+ds1-3
Fixes for a critical rsync vulnerability (CVE-2024-12084) have been released for Stable/Bookworm, Testing and Unstable. Oldstable/Bullseye is not affected. Fixes for other lower severity CVEs have also been released in the same update and can all be tracked at https://security-tracker.debian.org/tracker/source-package/rsync. The fixed Stable version is 3.2.7-1+deb12u1 and the fixed Testing/Unstable version is 3.3.0+ds1-3