Techly NewsGet the app

Get the latest tech news

Rsync 3.4 Released Due To Multiple, Significant Security Vulnerabilities


Rsync 3.4 is out today for this widely-used utility for incrementally transferring and synchronizing files between systems

Rsync 3.4 isn't coming for delivering some grand new features and other improvements but rather warranted due to some newly-disclosed security issues. The rsync issues include a heap buffer overflow, information leak, server leaking arbitrary client files, server can make client write files outside of the destination directory via symbolic links, safe-links bypass, and a symlink race condition. The Rsync protocol number is also bumped to 32 for making it easier to check on servers being updated due to the security woes.

Get the Android app

Or read this on Phoronix

Read more on:

Photo of rsync

rsync

Related news:

News photo

Compiling and running sqlite3-rsync from a branch

News photo

Using rsync to create a limited ability to write remote files

« Meta Tells Brazil It Won't End Fact-checks Outside US 'At This Time'
On the eve of Switch 2 announcement, the game industry has a lot at stake »