FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rsync -- incremental recursion memory corruption vulnerability

Affected packages
3.0 < rsync < 3.0.8

Details

VuXML ID 9a777c23-b310-11e0-832d-00215c6a37bb
Discovery 2011-04-08
Entry 2011-07-20

rsync development team reports:

Fixed a data-corruption issue when preserving hard-links without preserving file ownership, and doing deletions either before or during the transfer (CVE-2011-1097). This fixes some assert errors in the hard-linking code, and some potential failed checksums (via -c) that should have matched.

References

CVE Name CVE-2011-1097
URL https://bugzilla.samba.org/show_bug.cgi?id=7936