Updated rsync package fixes security vulnerabilityPublication date: 15 Feb 2015
Affected Mageia releases : 4
Updated rsync package fixes security vulnerability: Ryan Finnie discovered that rsync 3.1.0 contains a denial of service issue when attempting to authenticate using a nonexistent username. A remote attacker could use this flaw to cause a denial of service via CPU consumption (CVE-2014-2855). The previous update for this issue in MGASA-2014-0179 failed to properly apply the needed patch, so the package has been rebuilt to address this issue.