Hi, the following CVE ids were assigned to these vulnerabilities: CVE-2007-6200[0]: | Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable | rsync daemon, allows remote attackers to bypass exclude, exclude_from, and | filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) | backup-dir, and unspecified (4) dest options.
and CVE-2007-6199[1]: | rsync before 3.0.0pre6, when running a writable rsync daemon that is not using | chroot, allows remote attackers to access restricted files via unknown vectors | that cause rsync to create a symlink that points outside of the module's | hierarchy. Please mention those CVE ids in the changelog. Do you need me to NMU this or are you going to upload now? Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp5VZIUIBH58.pgp
Description: PGP signature
