Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted rsync 3.1.2-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Sun, 24 Dec 2017 13:06:22 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 10 Dec 2017 13:57:17 +0100
Source: rsync
Binary: rsync
Architecture: source
Version: 3.1.2-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Paul Slootman <paul@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 880954 883665 883667
Description: 
 rsync      - fast, versatile, remote (and local) file-copying tool
Changes:
 rsync (3.1.2-1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Enforce trailing \0 when receiving xattr name values (CVE-2017-16548)
     (Closes: #880954)
   * Check fname in recv_files sooner (CVE-2017-17433) (Closes: #883667)
   * Sanitize xname in read_ndx_and_attrs (CVE-2017-17434) (Closes: #883665)
   * Check daemon filter against fnamecmp in recv_files() (CVE-2017-17434)
     (Closes: #883665)
Checksums-Sha1: 
 a0c39bbd695204fc488e4b79f8200c50fdd23a5a 1873 rsync_3.1.2-1+deb9u1.dsc
 0d4c7fb7fe3fc80eeff922a7c1d81df11dbb8a1a 892724 rsync_3.1.2.orig.tar.gz
 59c8d07b61c8c9ad5e53f2935d71cc234e436eff 27796 rsync_3.1.2-1+deb9u1.debian.tar.xz
Checksums-Sha256: 
 991696d7997fc545ddbb784a315b21c252133368caefdb5efea460d4c4161050 1873 rsync_3.1.2-1+deb9u1.dsc
 ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2 892724 rsync_3.1.2.orig.tar.gz
 913fcaa83d9d2d9aa344b9ea30b4b8c38000ef54d0a5c8c112b7f110a88535b4 27796 rsync_3.1.2-1+deb9u1.debian.tar.xz
Files: 
 c2c1f52a67fcb06890b59d1d51319a80 1873 net optional rsync_3.1.2-1+deb9u1.dsc
 0f758d7e000c0f7f7d3792610fad70cb 892724 net optional rsync_3.1.2.orig.tar.gz
 b148f588d04ecf9df2e98baff3715781 27796 net optional rsync_3.1.2-1+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlotNe5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E9xEP/RHpxW1YWbKLp/2cIgP/O+4dkKFeYzRe
rPIyeVlLwBuOg+ktIGRmS1hilcXfVSLY9y9+R908BqKyTess0bAHIf+lgXkBZ12r
WQQHFvhCiz5Dt+hp2gtzFctD/VGh0d87CL31Lal4wmNkXjaiE87PdK2/hwioEDor
D75TgpCzLuF79280oSowkpFYHealZbuv8vfEfp7kxV+x214L9/M4HOLbQLi1OGL+
7kewXzbVZSPUrZmr6pGm2HFzTXN4xEIK7HOBfQy8F6+MIy6IAHaivdnjy2eZnrF/
1jeeP+5ZZ+rLy8VqHILJV11vAk9+LNNSlR9O1Jkf+i8wZu0rZfy+4o/xrOOh7UmB
jmzv7unlzfnjWu+DCqXMmu+igNwFEADA/PJAIFgIMPCFDmK4cRSG463KF2WLewGR
1BAokmdVphe6fFfmYnaEIEuAiJMzXIAoVE1AKNu4R44VLldZ0zGccOsF/aZ8YsCk
nZ0OI4WaQdZn9zMdn07e9oceM094kRJR5SmzWxCbFh+lxkpkyh+JBksL8zKmOqZl
Zlt0cjcRzq3hlhs997Yw8DAgdMA8AySX6d0NM3lqtDQ4ZUmu7SR722lxXdZ0XnPs
3eFhZIOp2QWEvy0O34wFaPHZAv0ZEP4f5X3AmR083kdMAv263jhtuuYp1ojUvsKG
f2JnWCvblgDl
=Q4RN
-----END PGP SIGNATURE-----
News for package rsync
