rsync 3.1.2-1ubuntu0.1 source package in Ubuntu


rsync (3.1.2-1ubuntu0.1) zesty-security; urgency=medium

  * SECURITY UPDATE: bypass intended access restrictions
    - debian/patches/CVE-2017-17433.patch: check fname in
      recv_files sooner in receiver.c.
    - CVE-2017-17433
  * SECURITY UPDATE: not check for fnamecmp filenames and
    does not apply sanitize_paths
    - debian/patches/CVE-2017-17434-part1.patch: check daemon
      filter against fnamecmp in receiver.c.
    - debian/patches/CVE-2017-17434-part2.patch: sanitize xname
      in rsync.c.
    - CVE-2017-17434

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 06 Dec 2017 10:57:38 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa on 2017-12-06
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Zesty updates on 2017-12-07 main net
Zesty security on 2017-12-07 main net


File Size SHA-256 Checksum
rsync_3.1.2.orig.tar.gz 871.8 KiB ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2
rsync_3.1.2-1ubuntu0.1.debian.tar.xz 26.9 KiB 84987ea7cd5a068909a77e559bf8e588a65378c51c9037e987fc2b9f2a756429
rsync_3.1.2-1ubuntu0.1.dsc 1.7 KiB 9427004b8711ab712bffbf0d6f22c8f31b09491c88eb8e9bfa2b4597e06dc799

View changes file

Binary packages built by this source

rsync: fast, versatile, remote (and local) file-copying tool

 rsync is a fast and versatile file-copying tool which can copy locally
 and to/from a remote host. It offers many options to control its behavior,
 and its remote-update protocol can minimize network traffic to make
 transferring updates between machines fast and efficient.
 It is widely used for backups and mirroring and as an improved copy
 command for everyday use.
 This package provides both the rsync command line tool and optional
 daemon functionality.