Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
patchinfo.1302
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.1302
<patchinfo incident="1302"> <issue id="922710" tracker="bnc">rsyncd keeps on spamming my log for trying to register SLP</issue> <issue id="898513" tracker="bnc">Rsync: slp support breaks rsync usage</issue> <issue id="915410" tracker="bnc">VUL-0: CVE-2014-9512: rsync: path spoofing attack vulnerability</issue> <issue id="900914" tracker="bnc">VUL-1: CVE-2014-8242: librsync, rsync: checksum collisions leading to a denial of service</issue> <issue id="CVE-2014-9512" tracker="cve" /> <issue id="CVE-2014-8242" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>vitezslav_cizek</packager> <description> This update for rsync fixes two security issues and two non-security bugs. The following vulnerabilities were fixed: - CVE-2014-8242: Checksum collisions leading to a denial of service (bsc#900914) - CVE-2014-9512: Malicious servers could send files outside of the transferred directory (bsc#915410) The following non-security bugs were fixed: - bsc#922710: Prevent rsyncd from spamming the log when trying to register SLP. - bsc#898513: slp support broke rsync usage. </description> <summary>Security update for rsync</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor