Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=37479f67631c86a1a8b3df87cf54c5553ad5460b
commit 37479f67631c86a1a8b3df87cf54c5553ad5460b Author: VMiklos <[EMAIL PROTECTED]> Date: Sun Sep 23 13:59:13 2007 +0200 FSA279-rsync diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 7853a59..4518209 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -27,6 +27,18 @@ <fsas> <fsa> + <id>279</id> + <date>2007-09-23</date> + <author>vmiklos</author> + <package>rsync</package> + <vulnerable>2.6.9-1</vulnerable> + <unaffected>2.6.9-2terminus1</unaffected> + <bts>http://bugs.frugalware.org/task/2371</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091</cve> + <desc>Sebastian Krahmer has reported a vulnerability in rsync, which can potentially be exploited by malicious people to compromise a vulnerable system. + The vulnerability is caused due to an off-by-one error within the "f_name()" function in flist.c and can be exploited to cause a one-byte stack-based buffer overflow via an overly long directory name.</desc> + </fsa> + <fsa> <id>278</id> <date>2007-09-23</date> <author>vmiklos</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
