drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in rsync
Name: |
Denial of Service in rsync |
|
ID: |
FEDORA-2014-5315 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
So, 20. April 2014, 09:51 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855 |
|
Applikationen: |
rsync |
|
Originalnachricht |
Name : rsync Product : Fedora 20 Version : 3.1.0 Release : 3.fc20 URL : http://rsync.samba.org/ Summary : A program for synchronizing files over a network Description : Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package.
------------------------------------------------------------------------------- - Update Information:
This update fixes CVE-2014-2855 and temporary reverts compilation with system provided zlib(BZ#1043965). ------------------------------------------------------------------------------- - ChangeLog:
* Wed Apr 16 2014 Michal Luscon <mluscon@redhat.com> - 3.1.0-3 - Fixed: CVE-2014-2855 - denial of service - Reverted: compilation with system provided zlib * Sun Oct 20 2013 Michal Lusocn <mluscon@redhat.com> - 3.1.0-2 - Update to latest upstream 3.1.0 - Fixed #1018520 - missing rsyncd@.service ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1087841 - CVE-2014-2855 rsync: CPU consumption denial of service when authenticating with a non-existent username https://bugzilla.redhat.com/show_bug.cgi?id=1087841 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update rsync' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|