The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of rsync: vulnerability

Synthesis of the vulnerability

A vulnerability of rsync was announced.
Severity of this bulletin: 2/4.
Creation date: 19/01/2018.
Références of this threat: bulletinoct2018, CVE-2018-5764, DLA-1247-1, DLA-1725-1, FEDORA-2018-034101216d, FEDORA-2018-d0ebfab3f3, openSUSE-SU-2018:0643-1, USN-3543-2, VIGILANCE-VUL-25119.

Description of the vulnerability

A vulnerability of rsync was announced.
Full Vigil@nce bulletin... (Free trial)

This cybersecurity announce impacts software or systems such as Debian, Fedora, openSUSE Leap, Solaris, Ubuntu.

Our Vigil@nce team determined that the severity of this threat alert is medium.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this computer weakness alert.

Solutions for this threat

Debian 7: new rsync packages.
New packages are available:
  Debian 7: rsync 3.0.9-4+deb7u2

Debian 8: new rsync packages.
New packages are available:
  Debian 8: rsync 3.1.1-3+deb8u2

Fedora: new rsync packages.
New packages are available:
  Fedora 26: rsync 3.1.3-2.fc26
  Fedora 27: rsync 3.1.3-1.fc27

openSUSE Leap 42.3: new rsync packages.
New packages are available:
  openSUSE Leap 42.3: rsync 3.1.0-13.1

Oracle Solaris: patch for third party software of October 2018 v2.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

Ubuntu 12: new rsync packages.
New packages are available:
  Ubuntu 12.04 ESM: rsync 3.0.9-1ubuntu1.3

Wind River Linux: solution (17/04/2018).
The solution is indicated in information sources.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a networks vulnerabilities watch. The Vigil@nce vulnerability database contains several thousand vulnerabilities.