The Slackware Linux Project: Mailing List Info

Mailing List Info

News
Security Advisories
FAQ
Book
General Info
Get Slack
Install Help
Configuration
Packages
ChangeLogs
Propaganda
Ports
Other Sites
Support
Contact

Mailing Lists
Archives

About

From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] rsync update fixes security problems
Date: Fri, 25 Jan 2002 16:03:17 -0800 (PST)

New rsync packages are available to fix a security problem.

Here's the information from the Slackware 8.0 ChangeLog:

Fri Jan 25 14:25:51 PST 2002
patches/packages/rsync.tgz:  Fixed a security hole by upgrading to
  rsync-2.4.8pre1.  This is the relevant information from the rsync NEWS file:

  SECURITY FIXES:

    * Signedness security patch from Sebastian Krahmer
      <krahmer@suse.de> -- in some cases we were not sufficiently
      careful about reading integers from the network.

(* Security fix *)

We recommend that sites providing external rsync access upgrade to the fixed
rsync package as soon as possible.


WHERE TO FIND THE NEW PACKAGE:
------------------------------
Updated rsync package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/rsync.tgz

Updated rsync package for Slackware 7.1:
ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/rsync.tgz


MD5 SIGNATURE:
--------------

Here are the md5sums for the packages:

Slackware 8.0:
1e87ef764968bc9da53e38eadf8a7d22  rsync.tgz

Slackware 7.1:
294079e04b18dafddee820468aad3a16  rsync.tgz


INSTALLATION INSTRUCTIONS:
--------------------------

Simply upgrade as root:

   # upgradepkg rsync.tgz


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
  http://www.slackware.com


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

Slackware™ is a trademark of Patrick Volkerding.