LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Foresight alert FLEA-2007-0047-1 (rsync)



From:
    	      Foresight Linux Essential Announcement Service <foresight-security-noreply@foresightlinux.org>


To:
    	      foresight-security-announce@lists.rpath.org


Subject:
    	      FLEA-2007-0047-1 rsync


Date:
    	      Thu, 23 Aug 2007 16:52:51 -0400


Message-ID:
    	      <46cdf3a3.7gaxaH747vmDe4Z7%foresight-security-noreply@foresightlinux.org>


Cc:
    	      security-alerts@linuxsecurity.com, full-disclosure@lists.grok.org.uk,
 bugtraq@securityfocus.com, lwn@lwn.net


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Foresight Linux Essential Advisory: 2007-0047-1
Published: 2007-08-23

Rating: Major

Updated Versions:
    rsync=/conary.rpath.com at rpl:devel//1/2.6.8-1.1-1
    group-dist=/foresight.rpath.org@fl:1-devel//1/1.3.2-0.9-2

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
    https://issues.rpath.com/browse/RPL-1647

Description:
    Previous versions of the rsync package contain multiple buffer-overflow
    vulnerabilities, possibly allowing remote attackers to execute arbitrary
    code using maliciously crafted directory names.

- ---

Copyright 2007 Foresight Linux Project
This file is distributed under the terms of the MIT License.
A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGzfObWu/kq4lN9jkRAhwqAJ4gsPTh6KGzZS/KSHUT6PyOjPxz1gCfZwuu
Ag9iWD7wwgY3wbHY7f7NDLo=
=kxOQ
-----END PGP SIGNATURE-----
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds