Hi all,
as a mirror admin mirroring various Linux distributions I am getting warnings about critical rsync vulnerability described here: https://kb.cert.org/vuls/id/952657 . The message to Debian mirrors says that affected versions are rsync >= 3.2.7, while I run my mirror on Alma9, which has 3.2.3, so I presume it is not affected (also the above link lists Alma9 as not affected).
Just a heads-up, check your rsync versions.
Cheers,
-Yenya (ftp.fi.muni.cz Fedora Tier0 mirror admin)
Hi Yenya,
thanks for the information in regards to this CVE. The Mirror has already been updated yesterday ito fix this CVE.
Best regards, Philipp Stark
-- Adfinis AG support@adfinis.com
Margarethenstrasse 49 | CH-4053 Basel Giessereiweg 5 | CH-3007 Bern Stampfenbachstrasse 40 | CH-8006 Zürich
Tel: +41 61 500 31 30
mirror-admin@lists.fedoraproject.org
-
Jan Kasprzak -
Philipp Stark via Adfinis AG