Joined: 12 May 2004
|Posted: Tue May 08, 2018 4:26 pm Post subject: [ GLSA 201805-04 ] rsync
|Gentoo Linux Security Advisory
Title: rsync: Arbitrary command execution (GLSA 201805-04)
A vulnerability in rsync might allow remote attackers to execute
File transfer program to keep remote files into sync.
Vulnerable: < 3.1.3
Unaffected: >= 3.1.3
Architectures: All supported architectures
A vulnerability was discovered in rsync’s parse_arguments function in
Remote attackers could possibly execute arbitrary commands with the
privilege of the process.
There is no known workaround at this time.
All rsync users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/rsync-3.1.3"