Debian Security Advisory

DLA-1247-1 rsync -- LTS security update

Date Reported:

19 Jan 2018

Affected Packages:

rsync

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2018-5764.

More information:

It was discovered that there was an injection vulnerability in the rsync file-copying tool.

For Debian 7 Wheezy, this issue has been fixed in rsync version 3.0.9-4+deb7u2.

We recommend that you upgrade your rsync packages.