SUSE Security Update: Security update for rsync
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:2959-2
Rating:             important
References:         #1201840
Cross-References:   CVE-2022-29154
CVSS scores:
    CVE-2022-29154 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
    CVE-2022-29154 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
    openSUSE Leap Micro 5.2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for rsync fixes the following issues:

- CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server (bsc#1201840).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap Micro 5.2:
    zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2959=1

Package List:

- openSUSE Leap Micro 5.2 (aarch64 x86_64):
    rsync-3.1.3-150000.4.13.1
    rsync-debuginfo-3.1.3-150000.4.13.1
    rsync-debugsource-3.1.3-150000.4.13.1

References:

https://www.suse.com/security/cve/CVE-2022-29154.html
https://bugzilla.suse.com/1201840
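The advisory only says that a malicious remote server could cause an arbitrary file write. The underlying weakness in CVE-2022-29154 is that the sender chooses the names in the file list and the receiving client accepted them with too little validation, so a rogue sender (or a man-in-the-middle on a non-SSH transport) could deliver a name such as ../.ssh/authorized_keys or a top-level name the client never asked for. The block below is an added example of the class of check a hardened receiver applies to every incoming name; it is not rsync's own flist.c code, and the function names, the MAXPATHLEN-free string handling and the "requested top-level names" model are illustrative assumptions.

```c
/* Added example modelled on the class of check that closed CVE-2022-29154:
 * the receiving side must not trust the sender's file list. This is not
 * rsync's own flist.c code; names and structure are illustrative. */
#include <stddef.h>
#include <string.h>

/* A name is safe only if it is relative and contains no ".." component,
 * so it cannot address anything above the destination directory. */
int safe_relative_name(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0' || *name == '/')
        return 0;
    while (*p != '\0') {
        const char *seg = p;
        size_t len;

        while (*p != '\0' && *p != '/')
            p++;
        len = (size_t)(p - seg);
        if (len == 2 && seg[0] == '.' && seg[1] == '.')
            return 0;
        if (*p == '/')
            p++;
    }
    return 1;
}

/* The client knows what it asked for. Each entry in 'requested' is one
 * top-level name the sender may deliver (the basename of a source arg);
 * a NULL/empty list models "dir/" requests where any top-level name is
 * expected. A sender that lists ".ssh/authorized_keys" when the client
 * asked for "src" is rejected even though the name itself is relative. */
int name_within_request(const char *name, const char *const *requested,
                        size_t nrequested)
{
    size_t i;

    if (!safe_relative_name(name))
        return 0;
    if (requested == NULL || nrequested == 0)
        return 1;
    for (i = 0; i < nrequested; i++) {
        size_t rlen = strlen(requested[i]);
        if (rlen > 0 && strncmp(name, requested[i], rlen) == 0 &&
            (name[rlen] == '\0' || name[rlen] == '/'))
            return 1;
    }
    return 0;
}

/* Walks a file list as a sender would deliver it and keeps only the
 * entries a hardened client accepts; returns how many survived. */
size_t filter_file_list(const char *const *names, size_t nnames,
                        const char *const *requested, size_t nrequested,
                        const char **kept)
{
    size_t i, n = 0;

    for (i = 0; i < nnames; i++)
        if (name_within_request(names[i], requested, nrequested))
            kept[n++] = names[i];
    return n;
}
```

Note that the ".." test is done per path component, not with a substring search: a/..b is a legitimate name and must pass, while a/../b must not. The second check matters even when every name is relative, because the destination directory of a plain `rsync host:src dst` may well be a home directory in which an unrequested .ssh/ entry is still a write the user never asked for.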
Oracle Linux Security Advisory ELSA-2022-4592
https://linux.oracle.com/errata/ELSA-2022-4592.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
rsync-3.2.3-9.el9_0.1.x86_64.rpm
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm

aarch64:
rsync-3.2.3-9.el9_0.1.aarch64.rpm
rsync-daemon-3.2.3-9.el9_0.1.noarch.rpm

SRPMS:
https://oss.oracle.com:443/ol9/SRPMS-updates/rsync-3.2.3-9.el9_0.1.src.rpm

Related CVEs:
CVE-2018-25032

Description of changes:

[3.2.3-9.1]
- Resolves: #2074784 - A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs

_______________________________________________
El-errata mailing list
There exist several signedness bugs within the rsync program which allow remote attackers to write 0-bytes to almost arbitrary stack locations, therefore being able to control the program flow and obtain a shell remotely.

New rsync packages are available to fix a security problem. Here's the information from the Slackware 8.0 ChangeLog:

Fri Jan 25 14:25:51 PST 2002
patches/packages/rsync.tgz: Fixed a security hole by upgrading to rsync-2.4.8pre1.
  This is the relevant information from the rsync NEWS file:
  SECURITY FIXES:
  * Signedness security patch from Sebastian Krahmer -- in some cases we
    were not sufficiently careful about reading integers from the network.
  (* Security fix *)

We recommend that sites providing external rsync access upgrade to the fixed rsync package as soon as possible.

WHERE TO FIND THE NEW PACKAGE:
------------------------------

Updated rsync package for Slackware 8.0:

Updated rsync package for Slackware 7.1:

MD5 SIGNATURE:
--------------

Here are the md5sums for the packages:

Slackware 8.0:
1e87ef764968bc9da53e38eadf8a7d22  rsync.tgz

Slackware 7.1:
294079e04b18dafddee820468aad3a16  rsync.tgz

INSTALLATION INSTRUCTIONS:
--------------------------

Simply upgrade as root:

# upgradepkg rsync.tgz

Remember, it's also a good idea to backup configuration files before upgrading packages.

- Slackware Linux Security Team
  The Slackware Linux Project
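The advisory describes the bug class in two sentences: integers read from the network were not handled carefully enough, and the result was a 0-byte written to an almost arbitrary stack location. The block below is an added example of that class, not the rsync 2.4.x code itself: a length arrives from the peer as a signed int, the receiver checks only that it does not run past the end of the buffer, and a negative value slips through so the terminating NUL lands below the buffer instead of inside it. The wire layout (a 1-byte kept-prefix length, a 4-byte little-endian suffix length, then the suffix bytes), the MAXPATHLEN value and all function names are illustrative assumptions.

```c
/* Added example of the bug class named in the advisory: a length read from
 * the network as a signed integer and used as an array index with only an
 * upper-bound check. This is not rsync's own code; MAXPATHLEN, the wire
 * layout (1-byte kept-prefix length, 4-byte little-endian suffix length,
 * suffix bytes) and the function names are illustrative assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAXPATHLEN 64

/* Decode a 32-bit little-endian value the way a signed read_int does:
 * bytes F0 FF FF FF come back as -16, not 4294967280. */
int32_t read_int(const unsigned char *buf)
{
    uint32_t v = (uint32_t)buf[0] | ((uint32_t)buf[1] << 8) |
                 ((uint32_t)buf[2] << 16) | ((uint32_t)buf[3] << 24);
    return (int32_t)v;
}

/* Vulnerable check: guards only against l1 + l2 running past the end of
 * thisname. A negative l2 passes, so the terminating 0 that the caller
 * writes at thisname[l1 + l2] lands below the buffer, in whatever the
 * stack holds there. The index is returned instead of stored so the
 * behaviour can be observed without corrupting memory. */
int vulnerable_accepts(const unsigned char *wire, int l1, long *idx)
{
    int l2 = read_int(wire);

    if (l2 >= MAXPATHLEN - l1)
        return 0;               /* only overflow upwards is detected */
    *idx = (long)l1 + l2;
    return 1;
}

/* Hardened check: both lengths must be non-negative and inside the
 * buffer before any store is attempted. */
int hardened_accepts(const unsigned char *wire, int l1, long *idx)
{
    int l2 = read_int(wire);

    if (l1 < 0 || l1 >= MAXPATHLEN || l2 < 0 || l2 >= MAXPATHLEN - l1)
        return 0;
    *idx = (long)l1 + l2;
    return 1;
}

/* Hardened receive path for one file-list entry: the first l1 bytes of the
 * previous name are kept and l2 new bytes are appended. Returns the
 * assembled length, or -1 when the wire data is rejected. */
int hardened_receive_name(const unsigned char *msg, size_t msglen,
                          const char *lastname, char *thisname)
{
    int l1;
    long idx;
    size_t l2;

    if (msglen < 5)
        return -1;
    l1 = msg[0];
    if (!hardened_accepts(msg + 1, l1, &idx))
        return -1;
    l2 = (size_t)(idx - l1);
    if (l2 > msglen - 5 || (size_t)l1 > strlen(lastname))
        return -1;
    memcpy(thisname, lastname, (size_t)l1);
    memcpy(thisname + l1, msg + 5, l2);
    thisname[idx] = '\0';
    return (int)idx;
}
```

The point of the pair of checks is that the upper-bound comparison alone is satisfied by every negative l2, so a peer controls how far below the buffer the single 0 byte is written; on a stack that is enough to clip a saved frame pointer, return address or a length variable. Reading the value as an unsigned type, or rejecting negatives explicitly as the hardened version does, closes the hole, and the same rule applies to every length or count that crosses the wire.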