Source: rsync Version: 3.1.1-3 Severity: important Tags: security upstream patch fixed-upstream
Hi, Filling this in the Debian BTS so that we can have a reference. >From https://bugzilla.redhat.com/show_bug.cgi?id=1197601: > Michael Samuel discovered that rsync was vulnerable to checksum > collisions. This could prevent rsync from running and syncing files > successfully, which could break various applications that use and > rely on rsync. > > Details are available in the original report: > > http://www.openwall.com/lists/oss-security/2014/07/28/1 Upstream commit is https://git.samba.org/?p=rsync.git;a=commit;h=eac858085e3ac94ec0ab5061d11f52652c90a869 See as well https://lists.samba.org/archive/rsync/2015-May/030123.html Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
