Format: 1.8 Date: Thu, 18 Jan 2018 17:00:13 -0300 Source: rsync Binary: rsync Architecture: armhf Version: 3.1.0-2ubuntu0.4 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-021.buildd> Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com> Description: rsync - fast, versatile, remote (and local) file-copying tool Changes: rsync (3.1.0-2ubuntu0.4) trusty-security; urgency=medium . * SECURITY UPDATE: receive_xattr function does not check for '\0' character allowing denial of service attacks - debian/patches/CVE-2017-16548.patch: enforce trailing \0 when receiving xattr values in xattrs.c. - CVE-2017-16548 * SECURITY UPDATE: Allows remote attacker to bypass argument - debian/patches/CVE-2018-5764.patch: Ignore --protect-args when already sent by client in options.c. - CVE-2018-5764 Checksums-Sha1: 6c944d79aaf85d44bac4dfa49978f0cb3c3df1f5 263038 rsync_3.1.0-2ubuntu0.4_armhf.deb Checksums-Sha256: eb611a1b7c8d5e0267551a6e9b610245a3aae06a557955d12a03c99a9abe1e8a 263038 rsync_3.1.0-2ubuntu0.4_armhf.deb Files: f826eb9d903db713e42262585164f459 263038 net optional rsync_3.1.0-2ubuntu0.4_armhf.deb Original-Maintainer: Paul Slootman <paul@debian.org>