Change logs for rsync source package in Artful

  • rsync (3.1.2-2ubuntu0.2) artful-security; urgency=medium
    
      * SECURITY UPDATE: receive_xattr function does not check
        for '\0' character allowing denial of service attacks
        - debian/patches/CVE-2017-16548.patch: enforce trailing
          \0 when receiving xattr values in xattrs.c.
        - CVE-2017-16548
      * SECURITY UPDATE: Allows remote attacker to bypass argument
        - debian/patches/CVE-2018-5764.patch: Ignore --protect-args
          when already sent by client in options.c.
        - CVE-2018-5764
    
     -- <email address hidden> (Leonidas S. Barbosa)  Thu, 18 Jan 2018 17:34:53 -0300
  • rsync (3.1.2-2ubuntu0.1) artful-security; urgency=medium
    
      * SECURITY UPDATE: bypass intended access restrictions
        - debian/patches/CVE-2017-17433.patch: check fname in
          recv_files sooner in receiver.c.
        - CVE-2017-17433
      * SECURITY UPDATE: not check for fnamecmp filenames and
        does not apply sanitize_paths
        - debian/patches/CVE-2017-17434-part1.patch: check daemon
          filter against fnamecmp in receiver.c.
        - debian/patches/CVE-2017-17434-part2.patch: sanitize xname
          in rsync.c.
        - CVE-2017-17434
    
     -- <email address hidden> (Leonidas S. Barbosa)  Wed, 06 Dec 2017 10:33:24 -0300
  • rsync (3.1.2-2) unstable; urgency=medium
    
      * Added patch from upstream git to resolve temporary lines in --progress
        output not being cleared.
        closes:#749165
      * Added patch from upstream git to speed up handling of xattrs.
        closes:#799143
    
     -- Paul Slootman <email address hidden>  Fri, 17 Mar 2017 15:02:00 +0100
  • rsync (3.1.2-1) unstable; urgency=medium
    
      * new upstream release
      * Bumped Standards-Version to 3.9.8 (no change necessary).
      * added deb-systemd-helper stuff to maintainer scripts to properly support
        systemd.
        closes:#764616
      * Modified the /etc/default/rsync and /usr/share/doc/rsync/README.Debian 
        to document how to configure the rsync daemon behaviour when using systemd.
        closes:#786549
      * included copy-devices.diff patch from
        https://rsync.samba.org/ftp/rsync/src/rsync-patches-3.1.2.tar.gz to
        enable the --copy-devices option to copy the data inside a device instead
        of copying the node.
        closes:#509335
      * included time-limit.diff patch from
        https://rsync.samba.org/ftp/rsync/src/rsync-patches-3.1.2.tar.gz to
        enable the -stop-at and --time-limit patches to stop rsync at a certain
        time or after a certain duration.
        closes:#701812
      * Add description of value for --compress-level to manpage.
        closes:#700697
      * Don't use hard-coded path to invoke-rc.d for check in prerm script.
    
     -- Paul Slootman <email address hidden>  Fri, 07 Oct 2016 15:48:23 +0200