[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SUSE Security Announcement: kdelibs (SuSE-SA:2004:014)



On Thu, 3 Jun 2004, Kastus wrote:

> On Wed, May 26, 2004 at 01:41:23PM +0200, Sebastian Krahmer wrote:
> > 
> > 2)  Pending vulnerabilities in SUSE Distributions and Workarounds:
> > 
> >     - rsync
> >     rsync prior to version 2.6.1 does not properly sanitize paths
> >     when running as read/write daemon without chroot. New update packages
> >     are available on our ftp servers which fix this problem.
> > 
> 
> This is about rsync-2.6.2-8.2, right?
Yes, I think so.

> 
> I've updated using YOU and now am not able to rsync large directories:
> 
> rsync -av --delete /home/* /home.backup/
> building file list ... done
> rsync: connection unexpectedly closed (8 bytes read so far)
> rsync error: error in rsync protocol data stream (code 12) at io.c(342)
> 
> The version shipped with 9.1 works just fine with the same directories.
> 
> Was this update rushed in? Any fixes?
I will forward this to our maintainer. Thanks for the feedback.

Sebastian

-- 
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@xxxxxxx - SuSE Security Team
~


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here