Slackware64-14.0 ChangeLog (2018-02-01)
Thu Feb 1 18:24:15 UTC 2018
Packages
Upgraded
- patches/packages/rsync-3.1.3-x86_64-1_slack14.0.txz
This update fixes two security issues:
Fixed a buffer overrun in the protocol's handling of xattr names and
ensure that the received name is null terminated.
Fix an issue with –protect-args where the user could specify the arg in
the protected-arg list and short-circuit some of the arg-sanitizing code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
(* Security fix *)