rsync 3.1.0-2ubuntu0.4 source package in Ubuntu


rsync (3.1.0-2ubuntu0.4) trusty-security; urgency=medium

  * SECURITY UPDATE: receive_xattr function does not check
    for '\0' character allowing denial of service attacks
    - debian/patches/CVE-2017-16548.patch: enforce trailing
      \0 when receiving xattr values in xattrs.c.
    - CVE-2017-16548
  * SECURITY UPDATE: Allows remote attacker to bypass argument
    - debian/patches/CVE-2018-5764.patch: Ignore --protect-args
      when already sent by client in options.c.
    - CVE-2018-5764

 -- <email address hidden> (Leonidas S. Barbosa)  Thu, 18 Jan 2018 17:00:13 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates main net
Trusty security main net


File Size SHA-256 Checksum
rsync_3.1.0.orig.tar.gz 863.2 KiB 81ca23f77fc9b957eb9845a6024f41af0ff0c619b7f38576887c63fa38e2394e
rsync_3.1.0-2ubuntu0.4.diff.gz 24.6 KiB 64260bfcb29c027e3fad8f6055700dfd5a6de820d3ab972cc22c9827a9a28e13
rsync_3.1.0-2ubuntu0.4.dsc 1.7 KiB 286e509c3644c5af36b2eb297f43ae1f81295779ebde7d22380e2157206b297e

View changes file

Binary packages built by this source

rsync: fast, versatile, remote (and local) file-copying tool

 rsync is a fast and versatile file-copying tool which can copy locally
 and to/from a remote host. It offers many options to control its behavior,
 and its remote-update protocol can minimize network traffic to make
 transferring updates between machines fast and efficient.
 It is widely used for backups and mirroring and as an improved copy
 command for everyday use.
 This package provides both the rsync command line tool and optional
 daemon functionality.