Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2002-0311152545
HistoryMar 11, 2002 - 3:25 p.m.

rsync update fixes security problems

2002-03-1115:25:45
Slackware Linux Project
www.slackware.com
11

0.473 Medium

EPSS

Percentile

97.5%

JSON

New rsync packages are available to fix security problems.

Here’s the information from the Slackware 8.0 ChangeLog:

Mon Mar 11 15:09:26 PST 2002
patches/packages/rsync.tgz: Upgraded to rsync-2.5.3. This fixes two security
problems:

  • Make sure that supplementary groups are removed from a server
    process after changing uid and gid. (Ethan Benson) (Debian bug
    #132272, CVE CAN-2002-0080)

  • Fix zlib double-free bug. (Owen Taylor, Mark J Cox) (CVE CAN-2002-0059)

(* Security fix *)

We recommend that sites providing external rsync access upgrade to the fixed
rsync package as soon as possible.

WHERE TO FIND THE NEW PACKAGE:

Updated rsync package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/rsync.tgz

Updated rsync package for Slackware 7.1:
ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/rsync.tgz

MD5 SIGNATURE:

Here are the md5sums for the packages:

Slackware 8.0:
e88390bae124be2af4b707ad3fbfc791 rsync.tgz

Slackware 7.1:
959b82dd4fbb84da564b2ce18eb56afc rsync.tgz

INSTALLATION INSTRUCTIONS:

Simply upgrade as root:

 > upgradepkg rsync.tgz

Remember, it’s also a good idea to backup configuration files before
upgrading packages.

Related

nessus 4
cisco 1
nvd 2
securityvulns 3
openvas 2
cve 2
cvelist 2
freebsd_advisory 1
debian 1
cert 1
ibm 8
nessus
nessus
Mandrake Linux Security Advisory : rsync (MDKSA-2002:024)
2004-07-31 00:00:00
Mandrake Linux Security Advisory : zlib (MDKSA-2002:022)
2004-07-31 00:00:00
Mandrake Linux Security Advisory : zlib-pkgs (MDKSA-2002:023-1)
2004-07-31 00:00:00
cisco
cisco
Vulnerability in the zlib Compression Library
2002-04-03 16:00:00
nvd
nvd
CVE-2002-0059
2002-03-15 05:00:00
CVE-2002-0080
2002-03-15 05:00:00
securityvulns
securityvulns
security problem fixed in zlib 1.1.4
2002-03-12 00:00:00
Advisory CA-2002-07 Double Free Bug in zlib Compression Library
2002-03-13 00:00:00
CERT Advisory CA-2003-02 Double-Free Bug in CVS Server
2003-01-23 00:00:00
openvas
openvas
Debian Security Advisory DSA 122-1 (zlib, various)
2008-01-17 00:00:00
Debian Security Advisory DSA 122-1 (zlib, various)
2008-01-17 00:00:00
cve
cve
CVE-2002-0080
2002-06-25 04:00:00
CVE-2002-0059
2002-06-25 04:00:00
cvelist
cvelist
CVE-2002-0059
2002-06-25 04:00:00
CVE-2002-0080
2002-06-25 04:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-02:18.zlib
2002-03-18 00:00:00
debian
debian
[SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
2002-03-11 00:00:00
cert
cert
Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures
2002-03-11 00:00:00
ibm
ibm
Security Bulletin: IBM® Db2® is affected by multiple vulnerabilities in the open source zlib library.
2023-12-20 20:15:04
Security Bulletin: IBM Cloud Pak for Network Automation 2.6.5 fixes multiple security vulnerabilities
2024-01-31 10:30:09
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-09-28 07:49:45

0.473 Medium

EPSS

Percentile

97.5%

JSON
Related for SSA-2002-0311152545
nessus4cisco1nvd2securityvulns3openvas2cve2cvelist2freebsd_advisory1debian1cert1ibm8