These are all security issues fixed in the rsync-3.2.3-2.6 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "rsync": "3.2.3-2.6" } ] }