security bugs (?)
Lapo Luchini
lapo at lapo.it
Sat Sep 29 08:55:32 GMT 2007
Lapo Luchini wrote:
> As a Cygwin rsync package maintainer, the following security fixes have
> been brought to my attention:
>
> http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-stats-fix.patch
> http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-fname-obo.patch
On a closer inspection, the first one doesn't really seem to regard
security... what about the other, aka CVE-2007-4091[1] and SA26493[2]?
1. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
2. http://secunia.com/advisories/26493/
Lapo
More information about the rsync
mailing list