Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Oracle Linux 10 rsync Important Memory Disclosure Bug Fix ELSA-2026-26332

oracle
Calendar Grey July 17, 2026
Scroller Oracle
Updated Oracle Linux packages for rsync resolve TOCTOU race condition and memory disclosure, enhancing security. Check advisory details.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[3.4.4-1] - Resolves: RHEL-181630 - Rebase rsync to version 3.4.4 - Resolves: RHEL-174929 - TOCTOU symlink race condition (CVE-2026-29518) - Resolves: RHEL-174949 - Memory disclosure via int overflow (CVE-2026-43618) [3.4.1-3] - Resolves: RHEL-118549 - Do not clear DISPLAY unconditionally

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/rsync-3.4.4-1.el10_2.src.rpm

x86_64

rsync-3.4.4-1.el10_2.x86_64.rpm rsync-daemon-3.4.4-1.el10_2.noarch.rpm rsync-rrsync-3.4.4-1.el10_2.noarch.rpm

aarch64

rsync-3.4.4-1.el10_2.aarch64.rpm rsync-daemon-3.4.4-1.el10_2.noarch.rpm rsync-rrsync-3.4.4-1.el10_2.noarch.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-29518 CVE-2026-43618

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.