Publishing details

Removed from disk on 2018-01-24.
Removal requested on 2018-01-24.
Superseded on 2018-01-23 by rsync - 3.1.1-3ubuntu1.2
Published on 2017-12-07
Copied from ubuntu xenial in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

rsync (3.1.1-3ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: bypass intended access restrictions
    - debian/patches/CVE-2017-17433.patch: check fname in
      recv_files sooner in receiver.c.
    - CVE-2017-17433
  * SECURITY UPDATE: not check for fnamecmp filenames and
    does not apply sanitize_paths
    - debian/patches/CVE-2017-17434-part1.patch: check daemon
      filter against fnamecmp in receiver.c.
    - debian/patches/CVE-2017-17434-part2.patch: sanitize xname
      in rsync.c.
    - CVE-2017-17434

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 06 Dec 2017 11:07:22 -0300

Available diffs

diff from 3.1.1-3ubuntu1 (in Ubuntu) to 3.1.1-3ubuntu1.1 (1.7 KiB)

Builds

Package files

rsync_3.1.1-3ubuntu1.1.debian.tar.xz (23.7 KiB)
rsync_3.1.1-3ubuntu1.1.dsc (1.7 KiB)
rsync_3.1.1-3ubuntu1.1_amd64.deb (320.9 KiB)
rsync_3.1.1-3ubuntu1.1_arm64.deb (291.8 KiB)
rsync_3.1.1-3ubuntu1.1_armhf.deb (305.6 KiB)
rsync_3.1.1-3ubuntu1.1_i386.deb (334.4 KiB)
rsync_3.1.1-3ubuntu1.1_powerpc.deb (300.8 KiB)
rsync_3.1.1-3ubuntu1.1_ppc64el.deb (338.9 KiB)
rsync_3.1.1-3ubuntu1.1_s390x.deb (312.2 KiB)
rsync_3.1.1.orig.tar.gz (869.3 KiB)