Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2014-9512

Published: 12 February 2015

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

Notes

AuthorNote
mdeslaur
rsync 3.1.1 introduced invalid filename filtering to prevent
malicious servers from sending files outside of the specified
directory:
https://git.samba.org/?p=rsync.git;a=commit;h=4cad402ea8a91031f86c53961d78bb7f4f174790

CVE-2014-9512 is about malicious servers being able to bypass
that filtering by changing paths.

This is a security hardening feature that was added in 3.1.1.
Either the whole feature needs to be backported to versions
earlier than 3.1.1, or this issue doesn't apply to them.

a second commit was later added:
https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=e12a6c087ca1eecdb8eae5977be239c24f4dd3d9
packages in vivid+ claim that this CVE is fixed, but are missing
the second commit

Priority

Medium

Status

Package Release Status
rsync
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise
Released (3.0.9-1ubuntu1.1)
trusty
Released (3.1.0-2ubuntu0.2)
upstream
Released (3.1.2)
utopic Ignored
(end of life)
wily
Released (3.1.1-3ubuntu0.15.10.1)
vivid
Released (3.1.1-3ubuntu0.15.04.1)
Patches:
upstream: https://git.samba.org/?p=rsync.git;a=commit;h=962f8b90045ab331fc04c9e65f80f1a53e68243b
upstream: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=e12a6c087ca1eecdb8eae5977be239c24f4dd3d9