Format: 1.8
Date: Thu, 13 Feb 2020 17:48:27 -0500
Source: rsync
Binary: rsync
Architecture: armhf
Version: 3.1.1-3ubuntu1.3
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-039.buildd>
Changed-By: Avital Ostromich <avital.ostromich@canonical.com>
Description:
 rsync      - fast, versatile, remote (and local) file-copying tool
Changes:
 rsync (3.1.1-3ubuntu1.3) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: improper pointer arithmetic might allow
     context-dependent attackers to have unspecified impact
     - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization
       in inftrees.c.
     - CVE-2016-9840
   * SECURITY UPDATE: improper pointer arithmetic might allow
     context-dependent attackers to have unspecified impact
     - debian/patches/CVE-2016-9841.patch: use post-increment only in inffast.c.
     - CVE-2016-9841
   * SECURITY UPDATE: vectors involving left shifts of negative integers might
     allow context-dependent attackers to have unspecified impact
     - debian/patches/CVE-2016-9842_1.patch: avoid shifts of negative values in
       inflateMark().
     - debian/patches/CVE-2016-9842_2.patch: avoid casting an out-of-range
       value to long.
     - CVE-2016-9842
   * SECURITY UPDATE: vectors involving big-endian CRC calculation might allow
     context-dependent attackers to have unspecified impact
     - debian/patches/CVE-2016-9843.patch: avoid pre-decrement of pointer in
       big-endian CRC calculation.
     - CVE-2016-9843
Checksums-Sha1:
 ce58e3e90503612e87b72a54b507c8f6191ceaac 313078 rsync_3.1.1-3ubuntu1.3_armhf.deb
Checksums-Sha256:
 3b259ce6c045869203a92a7e233444b2347016102f29ffdeb0b6e5a1250fd025 313078 rsync_3.1.1-3ubuntu1.3_armhf.deb
Files:
 3913c8b9192549ffa3ed7b57d766a1cc 313078 net optional rsync_3.1.1-3ubuntu1.3_armhf.deb
Original-Maintainer: Paul Slootman <paul@debian.org>