rsync 3.1.1-3ubuntu1.1 source package in Ubuntu


rsync (3.1.1-3ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: bypass intended access restrictions
    - debian/patches/CVE-2017-17433.patch: check fname in
      recv_files sooner in receiver.c.
    - CVE-2017-17433
  * SECURITY UPDATE: not check for fnamecmp filenames and
    does not apply sanitize_paths
    - debian/patches/CVE-2017-17434-part1.patch: check daemon
      filter against fnamecmp in receiver.c.
    - debian/patches/CVE-2017-17434-part2.patch: sanitize xname
      in rsync.c.
    - CVE-2017-17434

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 06 Dec 2017 11:07:22 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa on 2017-12-06
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
rsync_3.1.1.orig.tar.gz 869.3 KiB 7de4364fcf5fe42f3bdb514417f1c40d10bbca896abe7e7f2c581c6ea08a2621
rsync_3.1.1-3ubuntu1.1.debian.tar.xz 23.7 KiB 695847246ec67ea58507b808e5b08fb218be51f47309e78a56c8d46461719cec
rsync_3.1.1-3ubuntu1.1.dsc 1.7 KiB 1181b337268059b2a3b498fbdb48610a76953ef13a3a330888940d1d0ed242d7

View changes file

Binary packages built by this source

rsync: fast, versatile, remote (and local) file-copying tool

 rsync is a fast and versatile file-copying tool which can copy locally
 and to/from a remote host. It offers many options to control its behavior,
 and its remote-update protocol can minimize network traffic to make
 transferring updates between machines fast and efficient.
 It is widely used for backups and mirroring and as an improved copy
 command for everyday use.
 This package provides both the rsync command line tool and optional
 daemon functionality.