In CU 170 a security patch was applied to rsync for CVE-2022-29154 5 days after this patch was merged into the IPFire git repo a bug was identified with it and fix carried out. Three further fixes were then required to resolve additional bugs created in the first fix. None of these fixes got into CU170. The fixes were applied in rsync git without any notification. The CVE patch and all subsequent fixes are built into versions from 3.2.5 onwards
See community thread on this topic https://community.ipfire.org/t/rsync-via-ssh-doesnt-work-anymore-since-core-170/8708
Patch for version 3.2.6 submitted to dev mailing list and patchwork. https://patchwork.ipfire.org/project/ipfire/patch/20221004105442.3649212-1-adolf.belka@ipfire.org/
https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=a4e5b6d689a7f3094b916251b52e04ff0825add4
https://blog.ipfire.org/post/ipfire-2-27-core-update-171-is-available-for-testing
The person who flagged up the original problem on the community forum does not want to test out CU171 Testing as he doesn't want to have to do a full install when CU171 goes to Stable release. I tried a test with my vm testbed. With CU171 Testing I did an rsync from a green client to the ipfire machine from the ipfire machine. The rsync at both ends was 3.2.6 The synchronisation worked without a problem. As a reference I then, with CU170, did the same rsync command. This time the rsync version on ipfire was 3.2.4 while on the green client it was 3.2.6 That synchronisation also worked without a problem. I then went back and read the report about the problem with rsync that camne from the CVE-2022-29154 patch and realised that most files were being synchronised successfully but the synch could fail on random files. So it looks like for verification of this bug we will have to wait for the person who flagged up the problem to test out CU171 when it is released as a Stable version and tested with the same fileset as caused the original problem. I expect it will solve the problem as since rsync-3.2.5 when the bug fixes were included no-one has been flagging up this issue on the rsync git issues page.
https://blog.ipfire.org/post/ipfire-2-27-core-update-171-released-security-advisory