Slashdot Mirror

← Back to Stories (view on slashdot.org)

New rsync Released to Fix Vulnerability

Posted by CowboyNeal on from the better-safe-than-sorry dept.

cshields2 writes "Today the rsync developers have released a new version that fixes an exploitable security vulnerability when running rsync as an 'rsync server.' Any server out there running rsync should check this out and upgrade if necessary. (which is every open source mirror server out there, and many mirrors themselves)"

7 of 226 comments (clear)

  1. rsync by Anonymous Coward · · Score: 5, Funny

    News Flash:

    rsync releases a patch and changes its name to r'sync. The change is noted to increase its name recognition in the teenybopper script kiddie market. At this point, no pimply-faced l337 d00dz will dare deface r'sync for fear that they will be further alienated by the female species.

    Unfortunately, timberlake and FatOne continue to be backdoored.

    1. Re:rsync by prog-guru · · Score: 5, Funny

      Rsync is also the preferred transfer method of pirates, software and treasure hunting ('arrr sync').

      --

      chris@xanadu:~$ whatis /.
      /.: nothing appropriate.

  2. Re:chroot by Anonymous Coward · · Score: 2, Funny

    perhaps they were saving themselves for chmarriage

    *boomtish*

    *ducks flying rotten fruit*

  3. this is why i dont use any package management by n0k14 · · Score: 3, Funny

    i do it the slack way.

  4. Re:Advice for everybody: by Anonymous Coward · · Score: 2, Funny

    Also, patch every box which you root thanks to linux and rsync security problems.

  5. arg. by mikeee · · Score: 4, Funny

    Of course, to patch this, you should go to your local mirror, which will be down until they patch the rsync vulnerablity...

    Doh!

  6. SSR#4 by Anonymous Coward · · Score: 2, Funny

    This calls for Standard Slashdot Response #4:
    Yay! This was so fast. Even when we suck we don't suck!