Ubuntu
rsync package

  1. Bug #1531061
  2. Comment #2

Comment 2 for bug 1531061

Revision history for this message
Rolf Leggewie (r0lf) wrote :

This was indeed fixed in xenial and trusty already. Thanks for reporting.

rsync (3.1.1-3ubuntu1) xenial; urgency=medium

  * SECURITY UPDATE: incomplete fix for rsync path spoofing attack
    - debian/patches/CVE-2014-9512-2.diff: add parent-dir validation for
      --no-inc-recurse too in flist.c, generator.c.
    - CVE-2014-9512

 -- Marc Deslauriers <email address hidden> Tue, 19 Jan 2016 14:58:35 -0500