From d61e75849c28c063e5d4f23472379970e0644bc2 Mon Sep 17 00:00:00 2001
From: Henry Beberman <henry.beberman@microsoft.com>
Date: Wed, 15 Jan 2025 19:10:04 -0800
Subject: [PATCH] rsync: upgrade to 3.4.1 to fix multiple CVEs (#11938)

Co-authored-by: jslobodzian <joslobo@microsoft.com>
---
 SPECS/rsync/rsync.signatures.json | 2 +-
 SPECS/rsync/rsync.spec            | 5 ++++-
 cgmanifest.json                   | 4 ++--
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/SPECS/rsync/rsync.signatures.json b/SPECS/rsync/rsync.signatures.json
index d4d0943647c..0cc523b8dad 100644
--- a/SPECS/rsync/rsync.signatures.json
+++ b/SPECS/rsync/rsync.signatures.json
@@ -1,5 +1,5 @@
 {
   "Signatures": {
-    "rsync-3.2.7.tar.gz": "4e7d9d3f6ed10878c58c5fb724a67dacf4b6aac7340b13e488fb2dc41346f2bb"
+    "rsync-3.4.1.tar.gz": "2924bcb3a1ed8b551fc101f740b9f0fe0a202b115027647cf69850d65fd88c52"
   }
 }
diff --git a/SPECS/rsync/rsync.spec b/SPECS/rsync/rsync.spec
index d93cc167afb..e479053dfdb 100644
--- a/SPECS/rsync/rsync.spec
+++ b/SPECS/rsync/rsync.spec
@@ -1,6 +1,6 @@
 Summary:        Fast incremental file transfer.
 Name:           rsync
-Version:        3.2.7
+Version:        3.4.1
 Release:        1%{?dist}
 License:        GPLv3+
 Vendor:         Microsoft Corporation
@@ -60,6 +60,9 @@ EOF
 %{_sysconfdir}/rsyncd.conf
 
 %changelog
+* Wed Jan 15 2025 Henry Beberman <henry.beberman@microsoft.com> - 3.4.1-1
+- Upgrade to version 3.4.1 to fix CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747
+
 * Fri Oct 27 2023 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 3.2.7-1
 - Auto-upgrade to 3.2.7 - Azure Linux 3.0 - package upgrades
 
diff --git a/cgmanifest.json b/cgmanifest.json
index 2959231f006..6fa7beb658d 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -25844,8 +25844,8 @@
         "type": "other",
         "other": {
           "name": "rsync",
-          "version": "3.2.7",
-          "downloadUrl": "https://download.samba.org/pub/rsync/src/rsync-3.2.7.tar.gz"
+          "version": "3.4.1",
+          "downloadUrl": "https://download.samba.org/pub/rsync/src/rsync-3.4.1.tar.gz"
         }
       }
     },