Updated rsync package fixes security vulnerability
Publication date: 17 Apr 2014Type: security
Affected Mageia releases : 4
CVE: CVE-2014-2855
Description
Updated rsync package fixes security vulnerability: Ryan Finnie discovered that rsync 3.1.0 contains a denial of service issue when attempting to authenticate using a nonexistent username. A remote attacker could use this flaw to cause a denial of service via CPU consumption (CVE-2014-2855).
References
SRPMS
4/core
- rsync-3.1.0-4.2.mga4