Accepted rsync 2.6.9-5.1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 03 Dec 2007 17:00:37 +0100
Source: rsync
Binary: rsync
Architecture: source i386
Version: 2.6.9-5.1
Distribution: unstable
Urgency: high
Maintainer: Paul Slootman <paul@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
rsync - fast remote file copy program (like rcp)
Closes: 453652
Changes:
rsync (2.6.9-5.1) unstable; urgency=high
.
* Non-maintainer upload by testing-security team.
* This update addresses the following security issues (Closes: #453652):
- When "use chroot" option is disabled, a programming error
can be exploited by a user to trick rsync into creating a
symlink that points outside the module's hierarchy.
- A programming error within the "exclude", "exclude from" and "filter"
options can be exploited via a symlink attack to gain access
to hidden files if the filename is known.
Files:
28b881c85ed620afe5c103426fc49841 560 net optional rsync_2.6.9-5.1.dsc
61ea40dae091ed44153bbaa5a7424145 43173 net optional rsync_2.6.9-5.1.diff.gz
0b663b41fea99d27fe2c06a53783e0c8 258652 net optional rsync_2.6.9-5.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHVwOQHYflSXNkfP8RAmhvAJ0ZH0nIwWCdM35g+A9j6ZWMlZLMNACdETh7
C5ig0ObWVRIMIMZhjm9pWFM=
=cTQF
-----END PGP SIGNATURE-----
Accepted:
rsync_2.6.9-5.1.diff.gz
to pool/main/r/rsync/rsync_2.6.9-5.1.diff.gz
rsync_2.6.9-5.1.dsc
to pool/main/r/rsync/rsync_2.6.9-5.1.dsc
rsync_2.6.9-5.1_i386.deb
to pool/main/r/rsync/rsync_2.6.9-5.1_i386.deb
Reply to: