Slackware Linux Advisory: rsyncDec 04, 2003, 20:58 (0 Talkback[s])
[slackware-security] rsync security update (SSA:2003-337-01)
Rsync is a file transfer client and server.
A security problem which may lead to unauthorized machine access or code execution has been fixed by upgrading to rsync-2.5.7. This problem only affects machines running rsync in daemon mode, and is easier to exploit if the non-default option "use chroot = no" is used in the /etc/rsyncd.conf config file.
Any sites running an rsync server should upgrade immediately.
For complete information, see the rsync home page:
Here are the details from the Slackware 9.1 ChangeLog:
Updated package for Slackware 8.1:
Updated package for Slackware 9.0:
Updated package for Slackware 9.1:
Updated package for Slackware -current:
Slackware 8.1 package:
Slackware 9.0 package:
Slackware 9.1 package:
Slackware -current package:
If you're running rsync as a daemon, kill it:
# killall rsync
Then, upgrade the package:
# upgradepkg rsync-2.5.7-i486-1.tgz
Finally, restart the rsync daemon:
# rsync --daemon