Comment 0 for bug 7433

In , Florian Weimer (fw) wrote:

Package: rsync
Version: 2.6.2-2
Severity: grave
Tags: security upstream fixed-upstream patch
Justification: user security hole

The rsync team has announced a new security bug which affects daemon
mode:

  <http://samba.org/rsync/#security_aug04>

The patch is reproduced below (modulo whitespace):

--- orig/util.c 2004-04-27 12:59:37 -0700
+++ util.c 2004-08-11 23:37:27 -0700
@@ -743,7 +743,7 @@
     allowdotdot = 1;
    } else {
     p += 2;
- if (*p == '/')
+ while (*p == '/')
      p++;
     if (sanp != start) {
      /* back up sanp one level */
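Review bot: the indentation of the `-`/`+` lines does not match the surrounding context lines, so this hunk as reproduced will not apply cleanly with a plain `patch`; as the report already notes the whitespace was altered, apply it with `patch -l` (ignore whitespace) or re-indent the two changed lines to match `      p++;` before applying. On the logic: `if (*p == '/')` consumes at most one separator after the `..` component, so a run of slashes (`..//`) leaves `p` on a `/` when the `sanp != start` back-up runs; `while (*p == '/')` consumes the whole run, which is the behaviour the security advisory linked above is fixing for daemon mode. Worth adding a regression test that feeds `sanitize_path` paths with repeated slashes after `..` and checks the result stays inside the module root.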