[Bug 1531061] Re: Rsync path spoofing attack vulnerability

Rolf Leggewie 1531061 at bugs.launchpad.net
Thu Aug 25 11:49:41 UTC 2016


This was indeed fixed in xenial and trusty already.  Thanks for
reporting.

rsync (3.1.1-3ubuntu1) xenial; urgency=medium

  * SECURITY UPDATE: incomplete fix for rsync path spoofing attack
    - debian/patches/CVE-2014-9512-2.diff: add parent-dir validation for
      --no-inc-recurse too in flist.c, generator.c.
    - CVE-2014-9512

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Tue, 19 Jan 2016 14:58:35 -0500

** Changed in: rsync (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsync in Ubuntu.
https://bugs.launchpad.net/bugs/1531061

Title:
  Rsync path spoofing attack vulnerability

Status in rsync package in Ubuntu:
  Fix Released

Bug description:
  A security fix in rsync 3.1.2 was released, adding an extra check to the
  file list to prevent a malicious sender from using an unsafe destination
  path for a transferred file, such as a just-sent symlink.

  Details on the bug from rsync's page (hosted at samba), replication
  information, and patch information can be found here:
  https://bugzilla.samba.org/show_bug.cgi?id=10977

  Upstream patch:

  https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=962f8b90045ab331fc04c9e65f80f1a53e68243b

  Seems like this should be backported to currently supported LTS and
  regular releases as a security update?
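
The check described in the bug report, modelled as an added example (this is illustrative Python, not rsync's C code from flist.c/generator.c nor the Ubuntu patch): a receiver walks the sender-supplied file list in order and refuses any entry whose parent directory chain passes through a symlink, whether that symlink already exists on the destination disk or was merely sent earlier in the same list. The second case matters when the whole list arrives before any file is created, which is the situation the follow-up fix for --no-inc-recurse addresses. The FileEntry type, the unsafe_entries/demo function names and the sample file list are assumptions constructed for this example.

```python
import os
import stat
import tempfile
from dataclasses import dataclass
from typing import List, Optional, Set


@dataclass
class FileEntry:
    """One entry of a sender-supplied file list (constructed for this example)."""
    name: str                        # path relative to the destination root, as sent
    kind: str                        # "file", "dir" or "symlink"
    link_target: Optional[str] = None


def _is_symlink_on_disk(path: str) -> bool:
    """True if path exists on the destination and is itself a symlink."""
    try:
        return stat.S_ISLNK(os.lstat(path).st_mode)
    except FileNotFoundError:
        return False


def unsafe_entries(entries: List[FileEntry], dest_root: str) -> List[str]:
    """Return the names of entries that must not be created under dest_root.

    An entry is unsafe if its path is absolute, contains a '..' component, or
    has a parent component that is a symlink. Parent symlinks are checked both
    on disk and in the list itself: a symlink sent earlier in the same list may
    not exist on disk yet when the receiver decides where a later file goes.
    """
    sent_symlinks: Set[str] = set()
    unsafe: List[str] = []
    for entry in entries:
        parts = entry.name.split("/")
        if entry.name.startswith("/") or ".." in parts:
            unsafe.append(entry.name)
            continue
        # Every proper prefix of the path is a parent directory that must be real.
        for i in range(1, len(parts)):
            parent = "/".join(parts[:i])
            if parent in sent_symlinks or _is_symlink_on_disk(os.path.join(dest_root, parent)):
                unsafe.append(entry.name)
                break
        if entry.kind == "symlink":
            sent_symlinks.add(entry.name)
    return unsafe


def demo() -> List[str]:
    """Run a constructed file list against a destination that already holds one
    symlink, and return the entry names the check rejects."""
    with tempfile.TemporaryDirectory() as dest, tempfile.TemporaryDirectory() as elsewhere:
        # Pre-existing symlink on the receiver, pointing outside the destination.
        os.symlink(elsewhere, os.path.join(dest, "existing_link"))
        file_list = [  # constructed sample input, in sender order
            FileEntry("ok_dir", "dir"),
            FileEntry("ok_dir/readme.txt", "file"),
            FileEntry("sneaky", "symlink", link_target="/etc"),
            FileEntry("sneaky/passwd", "file"),          # would be written through the just-sent link
            FileEntry("existing_link/payload", "file"),  # follows a link already on disk
            FileEntry("../outside", "file"),             # escapes the destination root
        ]
        return unsafe_entries(file_list, dest)


if __name__ == "__main__":
    print(demo())
```

The list-order check is the part that a purely on-disk lstat() misses: "sneaky/passwd" is rejected even though nothing named "sneaky" exists on the destination yet, because the list already told the receiver that "sneaky" will be a symlink.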
