Subject: Re: rsync-2.6.9 has a remote-user-shell
To: None <email@example.com>
From: Adrian Portelli <firstname.lastname@example.org>
Date: 10/07/2007 18:34:03
George Georgalis wrote:
> I've been wondering about this audit-packages message...
> Package rsync-2.6.9 has a remote-user-shell vulnerability, see
> seems to be around a while. On the rsync list I found a patch.
> Can someone aply it?
> // George
This was fixed about 6 weeks ago by tron@ and the package was bumped to
2.6.9nb1. The fix was also pulled up into the stable branch.