[ubuntu/xenial-proposed] rsync 3.1.1-3ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Jan 19 20:20:15 UTC 2016
rsync (3.1.1-3ubuntu1) xenial; urgency=medium
* SECURITY UPDATE: incomplete fix for rsync path spoofing attack
- debian/patches/CVE-2014-9512-2.diff: add parent-dir validation for
--no-inc-recurse too in flist.c, generator.c.
- CVE-2014-9512
Date: Tue, 19 Jan 2016 14:58:35 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/rsync/3.1.1-3ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 19 Jan 2016 14:58:35 -0500
Source: rsync
Binary: rsync
Architecture: source
Version: 3.1.1-3ubuntu1
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
rsync - fast, versatile, remote (and local) file-copying tool
Changes:
rsync (3.1.1-3ubuntu1) xenial; urgency=medium
.
* SECURITY UPDATE: incomplete fix for rsync path spoofing attack
- debian/patches/CVE-2014-9512-2.diff: add parent-dir validation for
--no-inc-recurse too in flist.c, generator.c.
- CVE-2014-9512
Checksums-Sha1:
550ce8c43a1098d4a7cfd83c6fd7975ced708a37 1783 rsync_3.1.1-3ubuntu1.dsc
3eaa38824dc6549613275218778d2a4d5589c2d2 23276 rsync_3.1.1-3ubuntu1.debian.tar.xz
Checksums-Sha256:
82a2cd25d9b050ec6e05e593b4efa830148ff448f025d255cc94aaa98c23f37f 1783 rsync_3.1.1-3ubuntu1.dsc
d7285786020672db9101ed007719be9abad8bde55f604e58ecbadab4ce206645 23276 rsync_3.1.1-3ubuntu1.debian.tar.xz
Files:
d9dfcbb183918c78bfaff20d4e491dda 1783 net optional rsync_3.1.1-3ubuntu1.dsc
85eb3edb50ba8b9cd699ea045b88b217 23276 net optional rsync_3.1.1-3ubuntu1.debian.tar.xz
Original-Maintainer: Paul Slootman <paul at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWnpf2AAoJEGVp2FWnRL6TjukP/1BHzXddfZALOl8fKa+vyco9
znkQnhKcI6cwYfxTU9FEQiy7TE4mcNMKmhRCPJFBQv5RZkK8CfLC2MXC9uxQklcO
TW5uKjTzWvk+Wc980SOzYfS6zRp7B5EjSokeJ4qe0/TIduVbM46N+URXbMtz/aSf
nikIIoh6/ty+n+gq7M38gvw81SWdHOW+NxMiigcYOM0DbAfn2anNpGNbkIsnnH2Z
IOfw967Lrer7ssaL82GgBYu+xzdy+mKFHh/o/u3Q911pUF8i+YbW6u/ggodFtPUE
0bqv8la7CYB5/bYSYzXBOM2CAfv3AYR71d+a+nKzdOuNVrKAjjSl6xVT5B0NAfN6
S1eknBuHx9dW56ZvrH+MN7FPl6+uvPVRKxXKOizgzpKpqU8T0mqUzvnKLt3dBqWQ
Ksli5sp0rnzEQ75oyEzuGC4TrMzSOdC6EBLF1b80J8C4e1sMShUtctB9ULjjR980
MHji51L+HsyM3vd21ysu94vPibQvHuAPvEiLe4JWhGKbJVXeD5llcZK7dO51DLCY
C+HlyalCVUKHRy5ZG7hIbilKP5KUmPfVYkU7EnW9xrd0QPEusgmrgpmTuCep6t5e
MrgKwLE5Ab6Dche0o45nS3OaevhdH9ONrbNDtoE13o1Mdi05wzDlXueBJI+Zt6HH
PnhJ6eiFPayVrD9PW8Qk
=BO7O
-----END PGP SIGNATURE-----
More information about the Xenial-changes
mailing list