Comment 2 for bug 7433

Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Sat, 14 Aug 2004 12:48:13 +0200
From: Florian Weimer <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: rsync: directory traversal in daemon mode

Package: rsync
Version: 2.6.2-2
Severity: grave
Tags: security upstream fixed-upstream patch
Justification: user security hole

The rsync team has announced a new security bug which affects daemon
mode:

  <http://samba.org/rsync/#security_aug04>

The patch is reproduced below (modulo whitespace):

--- orig/util.c 2004-04-27 12:59:37 -0700
+++ util.c 2004-08-11 23:37:27 -0700
@@ -743,7 +743,7 @@
     allowdotdot = 1;
    } else {
     p += 2;
- if (*p == '/')
+ while (*p == '/')
      p++;
     if (sanp != start) {
      /* back up sanp one level */
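
Review bot: The new "while (*p == '/')" loop has no comment saying why every slash after the ".." component must be consumed before the "sanp != start" back-up step runs. A one-line comment above the loop, for example /* skip all slashes following ".." */, would keep a later cleanup from collapsing it back into a single "if". The loop ends at the string's terminating NUL, so it cannot run past the end of the path. No test is visible in this patch; a regression test for a ".." component followed by more than one "/" should go in with it.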