1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4068-1] rsync security update

    From Salvatore Bonaccorso@1:229/2 to All on Sun Dec 17 22:20:02 2017
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4068-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 17, 2017 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : rsync
    CVE ID : CVE-2017-16548 CVE-2017-17433 CVE-2017-17434
    Debian Bug : 880954 883665 883667

    Several vulnerabilities were discovered in rsync, a fast, versatile,
    remote (and local) file-copying tool, allowing a remote attacker to
    bypass intended access restrictions or cause a denial of service.

    For the oldstable distribution (jessie), these problems have been fixed
    in version 3.1.1-3+deb8u1.

    For the stable distribution (stretch), these problems have been fixed in version 3.1.2-1+deb9u1.

    We recommend that you upgrade your rsync packages.

    For the detailed security status of rsync please refer to its security
    tracker page at: https://security-tracker.debian.org/tracker/rsync

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlo23R9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QRsA/+PRKy2RwqsFy4F4GWGC5wMWuOA+XNHGcMNnNHCsLKsTQmJRlWlY0Mn7dK n+7dFs+areT7KfYeWbCnStTMBXknkIArVWQK5eF4nwWcBq1BP0FmfheDpIoiP5xW xTu8TCkUqf+I/RdzhtrjJ2MjlSeQY7h4kpZdOflMbNN/38HvBNfKtlIr4S4SkTQ5 F3gfh4Rd8BpMEIHGmDi3eluvdsTd14zRv7CiQJXPTdufizgDAgNnSQbqf485MoBZ YU4NrHEE2jVSTDK40uLO/lQJxaAs6HTkndtAVlJGdldaa0vAcqsmAyucJELYNONI fpQMmfJIdqFrZWGgtz8u0flQkxKNWtnYkYTNRplefwTZ4EnMOWGQ6TppxD63PzMb r1KROm7Kw1Zt6KRvJ9y2Z0OBF8N0iaoOwvqXKnhatwHV/jZMEGec/4xFRqXqiiCM S/pFTB6hA1jo9GaCvOFBdws1qaRFXY9q8IFvj7Myd7se1DmONCZ4BvSntEx8j/Iy xqdrjOlB2OuFT1zVfZffziq9E5ag2OMGo5Jk5XudX5yHUN2CmBX92flKBh6zqUcY UOh3o4aIhrQWHYEGrydg3tLmvM/E5+deGqwTzZCJGfvxOryQ1zqAh/SUq9KhodPU cGJxVsQ5Pu7MYMD40VG66GoBIEX6USzRVaiDKAtzJUEcb+QF8U4=
    =mEX3
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)