Release date:
2026-04-21 11:09:06 UTC
Description:
- CVE-2017-16548: fix heap overread in receive_xattr by enforcing trailing
NUL on received xattr names
- CVE-2017-17434: sanitize xname in read_ndx_and_attrs and check daemon
filter against fnamecmp in recv_files
- CVE-2018-5764: prevent client from resetting protect_args during the
second parse_arguments pass on the daemon
Updated packages:
-
rsync-3.0.6-12.el6.tuxcare.els7.x86_64.rpm
sha:c3f1ee0322aee9eb414841e2d722f7f6a7dec69b36fd9cf7e3d59324cc0d242d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
