rsync 3.1.1-3ubuntu1.2 source package in Ubuntu


rsync (3.1.1-3ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: receive_xattr function does not check
    for '\0' character allowing denial of service attacks
    - debian/patches/CVE-2017-16548.patch: enforce trailing
      \0 when receiving xattr values in xattrs.c.
    - CVE-2017-16548
  * SECURITY UPDATE: Allows remote attacker to bypass argument
    - debian/patches/CVE-2018-5764.patch: Ignore --protect-args
      when already sent by client in options.c.
    - CVE-2018-5764

 -- <email address hidden> (Leonidas S. Barbosa)  Thu, 18 Jan 2018 17:27:59 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa on 2018-01-18
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2018-01-23 main net
Xenial security on 2018-01-23 main net


File Size SHA-256 Checksum
rsync_3.1.1.orig.tar.gz 869.3 KiB 7de4364fcf5fe42f3bdb514417f1c40d10bbca896abe7e7f2c581c6ea08a2621
rsync_3.1.1-3ubuntu1.2.debian.tar.xz 24.5 KiB aa43805f1689e2ba769994fceaef99ce42c89e6c9abaa7bd274698939e8ce84d
rsync_3.1.1-3ubuntu1.2.dsc 1.7 KiB 729a915f80bc3fad0bd25064b85af4cab61e0ac5250f39bdddde6253668d58a1

View changes file

Binary packages built by this source

rsync: fast, versatile, remote (and local) file-copying tool

 rsync is a fast and versatile file-copying tool which can copy locally
 and to/from a remote host. It offers many options to control its behavior,
 and its remote-update protocol can minimize network traffic to make
 transferring updates between machines fast and efficient.
 It is widely used for backups and mirroring and as an improved copy
 command for everyday use.
 This package provides both the rsync command line tool and optional
 daemon functionality.