Detalji

Izdanom nadogradnjom ispravljen je sigurnosni propust u radu alata rsync, distribuiranog s operacijskim sustavima Fedora 13 i 14. Rsync je alat otvorenog programskog koda koji se koristi za udaljenu ili lokalnu sinkronizaciju datoteka. Prilikom korištenja određenih rekurzija, naredbi brisanja i naredbi povezanih uz vlasništvo dolazi do pojave propusta u ranjivom paketu. Nedostatak omogućuje napadačima rušenje ranjivog sustava ili pokretanje proizvoljnog programskog koda putem zlonamjerno oblikovanih podataka. Svim se korisnicima preporuča nadogradnja na nove inačice. 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-4427
2011-03-30 19:26:25
--------------------------------------------------------------------------------

Name        : rsync
Product     : Fedora 13
Version     : 3.0.8
Release     : 1.fc13
URL         : http://rsync.samba.org/
Summary     : A program for synchronizing files over a network
Description :
Rsync uses a reliable algorithm to bring remote and host files into
sync very quickly. Rsync is fast because it just sends the differences
in the files over the network instead of sending the complete
files. Rsync is often used as a very powerful mirroring process or
just as a more capable replacement for the rcp command. A technical
report which describes the rsync algorithm is included in this
package.

--------------------------------------------------------------------------------
Update Information:

Rebase to 3.0.8
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Vojtech Vitek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.0.8-1
- Rebase to 3.0.8, remove buffer overflow patch
  Resolves: #691362, #675036
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #675036 - CVE-2011-1097 rsync: Incremental file-list corruption due
to temporary file_extra_cnt increments
        https://bugzilla.redhat.com/show_bug.cgi?id=675036
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update rsync' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-4413
2011-03-30 19:25:45
--------------------------------------------------------------------------------

Name        : rsync
Product     : Fedora 14
Version     : 3.0.8
Release     : 1.fc14
URL         : http://rsync.samba.org/
Summary     : A program for synchronizing files over a network
Description :
Rsync uses a reliable algorithm to bring remote and host files into
sync very quickly. Rsync is fast because it just sends the differences
in the files over the network instead of sending the complete
files. Rsync is often used as a very powerful mirroring process or
just as a more capable replacement for the rcp command. A technical
report which describes the rsync algorithm is included in this
package.

--------------------------------------------------------------------------------
Update Information:

Rebase to 3.0.8
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 29 2011 Vojtech Vitek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 3.0.8-1
- Rebase to 3.0.8, remove buffer overflow patch
  Resolves: #691362, #675036
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #675036 - CVE-2011-1097 rsync: Incremental file-list corruption due
to temporary file_extra_cnt increments
        https://bugzilla.redhat.com/show_bug.cgi?id=675036
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update rsync' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Idi na vrh