RSync Security Advisory

Niki Guldbrand niki at lunar-linux.org
Thu Dec 4 10:59:20 GMT 2003


s/debian/gentoo/

On Thu, 2003-12-04 at 10:44, Niki Guldbrand wrote:
> Hi All.
> 
> If any of you have a rsync server please update at once (Dbguin has been
> updated.)
> 
> I have just bumped the version of rsync in moonbase to version 2.5.7
> which contains a Heap overflow fix which is belived to have been used to
> gain access to the debian systems, and together with the kernel do_brk
> bug would give full root access.
> 
> See here for more details: http://rsync.samba.org/
> 
> 
> Niki
> 
> ______________________________________________________________________
> _______________________________________________
> lunar mailing list
> lunar at lunar-linux.org
> http://dbguin.lunar-linux.org/mailman/listinfo/lunar
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lunar-linux.org/pipermail/lunar/attachments/20031204/5c873e37/attachment.bin


More information about the lunar mailing list