On Thu, 3 Jun 2004, Kastus wrote:
On Wed, May 26, 2004 at 01:41:23PM +0200, Sebastian Krahmer wrote:
2) Pending vulnerabilities in SUSE Distributions and Workarounds:
- rsync rsync prior to version 2.6.1 does not properly sanitize paths when running as read/write daemon without chroot. New update packages are available on our ftp servers which fix this problem.
This is about rsync-2.6.2-8.2, right? Yes, I think so.
I've updated using YOU and now am not able to rsync large directories:
rsync -av --delete /home/* /home.backup/ building file list ... done rsync: connection unexpectedly closed (8 bytes read so far) rsync error: error in rsync protocol data stream (code 12) at io.c(342)
The version shipped with 9.1 works just fine with the same directories.
Was this update rushed in? Any fixes?
I will forward this to our maintainer. Thanks for the feedback. Sebastian -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@suse.de - SuSE Security Team ~