Date: Mon, 11 Mar 2002 15:25:45 -0800 (PST)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] rsync update fixes security problems


New rsync packages are available to fix security problems.

Here's the information from the Slackware 8.0 ChangeLog:

----------------------------
Mon Mar 11 15:09:26 PST 2002
patches/packages/rsync.tgz:  Upgraded to rsync-2.5.3.  This fixes two security
  problems:

  * Make sure that supplementary groups are removed from a server
    process after changing uid and gid. (Ethan Benson) (Debian bug
    #132272, CVE CAN-2002-0080)

  * Fix zlib double-free bug.  (Owen Taylor, Mark J Cox) (CVE CAN-2002-0059)

(* Security fix *)
----------------------------

We recommend that sites providing external rsync access upgrade to the fixed
rsync package as soon as possible.


WHERE TO FIND THE NEW PACKAGE:
------------------------------
Updated rsync package for Slackware 8.0: 
 

Updated rsync package for Slackware 7.1: 
 


MD5 SIGNATURE:
--------------

Here are the md5sums for the packages:

Slackware 8.0:
e88390bae124be2af4b707ad3fbfc791  rsync.tgz

Slackware 7.1:
959b82dd4fbb84da564b2ce18eb56afc  rsync.tgz


INSTALLATION INSTRUCTIONS:
--------------------------

Simply upgrade as root:

   # upgradepkg rsync.tgz


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
   The Slackware Linux Project

Slackware: 'rsync' Multiple vulnerabilities

March 12, 2002
Fixes the zlib vulnerability and supplementary groups are removed from a server process after changing uid and gid.

Summary

Where Find New Packages

MD5 Signatures

Severity
Date: Mon, 11 Mar 2002 15:25:45 -0800 (PST) From: Slackware Security Team <security@slackware.com> To: slackware-security@slackware.com Subject: [slackware-security] rsync update fixes security problems
New rsync packages are available to fix security problems.
Here's the information from the Slackware 8.0 ChangeLog:
---------------------------- Mon Mar 11 15:09:26 PST 2002 patches/packages/rsync.tgz: Upgraded to rsync-2.5.3. This fixes two security problems:
* Make sure that supplementary groups are removed from a server process after changing uid and gid. (Ethan Benson) (Debian bug #132272, CVE CAN-2002-0080)
* Fix zlib double-free bug. (Owen Taylor, Mark J Cox) (CVE CAN-2002-0059)
(* Security fix *) ----------------------------
We recommend that sites providing external rsync access upgrade to the fixed rsync package as soon as possible.
WHERE TO FIND THE NEW PACKAGE: ------------------------------ Updated rsync package for Slackware 8.0:
Updated rsync package for Slackware 7.1:
MD5 SIGNATURE: --------------
Here are the md5sums for the packages:
Slackware 8.0: e88390bae124be2af4b707ad3fbfc791 rsync.tgz
Slackware 7.1: 959b82dd4fbb84da564b2ce18eb56afc rsync.tgz
INSTALLATION INSTRUCTIONS: --------------------------
Simply upgrade as root:
# upgradepkg rsync.tgz
Remember, it's also a good idea to backup configuration files before upgrading packages.
- Slackware Linux Security Team The Slackware Linux Project

Installation Instructions

Related News

19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved