rsync 3.1.0-2ubuntu0.3 source package in Ubuntu


rsync (3.1.0-2ubuntu0.3) trusty-security; urgency=medium

  * SECURITY UPDATE: bypass intended access restrictions
    - debian/patches/CVE-2017-17433.patch: check fname in
      recv_files sooner in receiver.c.
    - CVE-2017-17433
  * SECURITY UPDATE: not check for fnamecmp filenames and
    does not apply sanitize_paths
    - debian/patches/CVE-2017-17434-part1.patch: check daemon
      filter against fnamecmp in receiver.c.
    - debian/patches/CVE-2017-17434-part2.patch: sanitize xname
      in rsync.c.
    - CVE-2017-17434

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 06 Dec 2017 11:36:31 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa on 2017-12-06
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
rsync_3.1.0.orig.tar.gz 863.2 KiB 81ca23f77fc9b957eb9845a6024f41af0ff0c619b7f38576887c63fa38e2394e
rsync_3.1.0-2ubuntu0.3.diff.gz 23.6 KiB d8473f2ea48aece953215207952ad3a45d7e6d6919285f2fd80e2c61132db4f2
rsync_3.1.0-2ubuntu0.3.dsc 1.7 KiB eefe8516697129e57b18bf29c66f021bf036e97b82de2593a6ab5716376ede7c

View changes file

Binary packages built by this source

rsync: fast, versatile, remote (and local) file-copying tool

 rsync is a fast and versatile file-copying tool which can copy locally
 and to/from a remote host. It offers many options to control its behavior,
 and its remote-update protocol can minimize network traffic to make
 transferring updates between machines fast and efficient.
 It is widely used for backups and mirroring and as an improved copy
 command for everyday use.
 This package provides both the rsync command line tool and optional
 daemon functionality.