Publishing details

• Removed from disk on 2022-04-01.
• Removal requested on 2022-04-01.
• Superseded on 2022-03-31 by rsync - 3.1.2-2.1ubuntu1.4
• Published on 2020-02-24
• Copied from ubuntu bionic in PPA for Ubuntu Security Proposed by Avital Ostromich

Changelog

rsync (3.1.2-2.1ubuntu1.1) bionic-security; urgency=medium

  * SECURITY UPDATE: improper pointer arithmetic might allow
    context-dependent attackers to have unspecified impact
    - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization
      in inftrees.c.
    - CVE-2016-9840
  * SECURITY UPDATE: improper pointer arithmetic might allow
    context-dependent attackers to have unspecified impact
    - debian/patches/CVE-2016-9841.patch: use post-increment only in inffast.c.
    - CVE-2016-9841
  * SECURITY UPDATE: vectors involving left shifts of negative integers might
    allow context-dependent attackers to have unspecified impact
    - debian/patches/CVE-2016-9842_1.patch: avoid shifts of negative values in
      inflateMark().
    - debian/patches/CVE-2016-9842_2.patch: avoid casting an out-of-range
      value to long.
    - CVE-2016-9842
  * SECURITY UPDATE: vectors involving big-endian CRC calculation might allow
    context-dependent attackers to have unspecified impact
    - debian/patches/CVE-2016-9843.patch: avoid pre-decrement of pointer in
      big-endian CRC calculation.
    - CVE-2016-9843

 -- Avital Ostromich <email address hidden>  Tue, 18 Feb 2020 16:03:13 -0500

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Package files

• rsync_3.1.2-2.1ubuntu1.1.debian.tar.xz (38.4 KiB)
• rsync_3.1.2-2.1ubuntu1.1.dsc (1.6 KiB)
• rsync_3.1.2-2.1ubuntu1.1_amd64.deb (326.6 KiB)
• rsync_3.1.2-2.1ubuntu1.1_arm64.deb (300.6 KiB)
• rsync_3.1.2-2.1ubuntu1.1_armhf.deb (307.3 KiB)
• rsync_3.1.2-2.1ubuntu1.1_i386.deb (340.4 KiB)
• rsync_3.1.2-2.1ubuntu1.1_ppc64el.deb (368.5 KiB)
• rsync_3.1.2-2.1ubuntu1.1_s390x.deb (313.7 KiB)
• rsync_3.1.2.orig.tar.gz (871.8 KiB)