Format: 1.8 Date: Thu, 13 Feb 2020 17:48:27 -0500 Source: rsync Binary: rsync Architecture: amd64 Version: 3.1.1-3ubuntu1.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Avital Ostromich Description: rsync - fast, versatile, remote (and local) file-copying tool Changes: rsync (3.1.1-3ubuntu1.3) xenial-security; urgency=medium . * SECURITY UPDATE: improper pointer arithmetic might allow context-dependent attackers to have unspecified impact - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization in inftrees.c. - CVE-2016-9840 * SECURITY UPDATE: improper pointer arithmetic might allow context-dependent attackers to have unspecified impact - debian/patches/CVE-2016-9841.patch: use post-increment only in inffast.c. - CVE-2016-9841 * SECURITY UPDATE: vectors involving left shifts of negative integers might allow context-dependent attackers to have unspecified impact - debian/patches/CVE-2016-9842_1.patch: avoid shifts of negative values in inflateMark(). - debian/patches/CVE-2016-9842_2.patch: avoid casting an out-of-range value to long. - CVE-2016-9842 * SECURITY UPDATE: vectors involving big-endian CRC calculation might allow context-dependent attackers to have unspecified impact - debian/patches/CVE-2016-9843.patch: avoid pre-decrement of pointer in big-endian CRC calculation. - CVE-2016-9843 Checksums-Sha1: 53735a57e73ded0993047d93434b8dec8a7eaade 328514 rsync_3.1.1-3ubuntu1.3_amd64.deb Checksums-Sha256: 9c1fe708299bd95dca3c92d7c8f41c58662d5de280f3788dca096916fe1bc2b4 328514 rsync_3.1.1-3ubuntu1.3_amd64.deb Files: af883cdc62111ef9f5c57a370b19b8b5 328514 net optional rsync_3.1.1-3ubuntu1.3_amd64.deb Original-Maintainer: Paul Slootman