OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   15-Aug-2004 12:00:33
  Branch: OPENPKG_2_0_SOLID                Handle: 2004081511003200

  Modified files:           (Branch: OPENPKG_2_0_SOLID)
    openpkg-src/rsync       rsync.patch rsync.spec

  Log:
    MFC: apply security fix

  Summary:
    Revision    Changes     Path
    1.5.2.2     +30 -0      openpkg-src/rsync/rsync.patch
    1.58.2.3    +1  -1      openpkg-src/rsync/rsync.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/rsync/rsync.patch
  ============================================================================
  $ cvs diff -u -r1.5.2.1 -r1.5.2.2 rsync.patch
  --- openpkg-src/rsync/rsync.patch     21 May 2004 16:05:43 -0000      1.5.2.1
  +++ openpkg-src/rsync/rsync.patch     15 Aug 2004 10:00:32 -0000      1.5.2.2
  @@ -56,6 +56,8 @@
          {
            NEEDOUT
   
  +=============================================================================
  +
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0426
       rsync before 2.6.1 does not properly sanitize paths when running
       a read/write daemon without using chroot, which allows remote
  @@ -155,3 +157,31 @@
                        filesfrom_fd = open(files_from, O_RDONLY|O_BINARY);
                        if (filesfrom_fd < 0) {
                                rsyserr(FERROR, errno,
  +
  +=============================================================================
  +
  +Security Fix:
  +
  +There is a path-sanitizing bug that affects daemon mode in all recent
  +rsync versions (including 2.6.2) but only if chroot is disabled. It
  +does NOT affect the normal send/receive filenames that specify what
  +files should be transferred (this is because these names happen to get
  +sanitized twice, and thus the second call removes any lingering leading
  +slash(es) that the first call left behind). It does affect certain
  +option paths that cause auxilliary files to be read or written. One
  +potential fix that doesn't require recompiling rsync is to set "use
  +chroot = true" for all the modules in the rsyncd.conf file.
  +
  +Index: util.c
  +--- util.c.orig      2004-04-27 21:59:37 +0200
  ++++ util.c   2004-08-15 11:45:47 +0200
  +@@ -743,7 +743,7 @@
  +                             allowdotdot = 1;
  +                     } else {
  +                             p += 2;
  +-                            if (*p == '/')
  ++                            while (*p == '/')
  +                                     p++;
  +                             if (sanp != start) {
  +                                     /* back up sanp one level */
  +
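Review bot: The embedded util.c hunk (@@ -743,7 +743,7 @@) should be confirmed to apply cleanly to the packaged source, because rsync.spec in this commit still carries Version: 2.6.0 while the added advisory text speaks of recent versions including 2.6.2; if it only applies with an offset or fuzz, check where it landed. The change from `if (*p == '/')` to `while (*p == '/')` covers the slashes that follow the two-character skip (`p += 2`) at this spot, so it is worth verifying, outside the lines shown, that a path beginning with several slashes is also reduced to a relative one. The new "Security Fix:" section also has no advisory or CVE reference, unlike the CAN-2004-0426 entry earlier in this file; adding one, and correcting "auxilliary" to "auxiliary", would make the entry easier to track.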
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/rsync/rsync.spec
  ============================================================================
  $ cvs diff -u -r1.58.2.2 -r1.58.2.3 rsync.spec
  --- openpkg-src/rsync/rsync.spec      21 May 2004 16:05:43 -0000      1.58.2.2
  +++ openpkg-src/rsync/rsync.spec      15 Aug 2004 10:00:32 -0000      1.58.2.3
  @@ -34,7 +34,7 @@
   Group:        Filesystem
   License:      GPL
   Version:      2.6.0
  -Release:      2.0.1
  +Release:      2.0.2
   
   #   list of sources
   Source0:      http://rsync.samba.org/ftp/rsync/rsync-%{version}.tar.gz
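Review bot: The Release bump from 2.0.1 to 2.0.2 is the only change to rsync.spec and Version stays at 2.6.0, so the package depends entirely on rsync.patch for this fix, alongside the CAN-2004-0426 entry already in that file, which is described as affecting rsync before 2.6.1. Consider naming the fixed issue in the spec or in the commit log ("MFC: apply security fix" does not say which one), so that users comparing 2.0.1 and 2.0.2 can tell what the rebuild addresses.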
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]
