Sebastian Krahmer discovered that rsync, a fast remote file copy program, contains an off-by-one error which might allow remote attackers to execute arbitrary code via long directory names. For the old stable distribution (sarge), this problem is not present. For the stable distribution (etch), this problem has been fixed in version 2.6.9-2etch1. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your rsync package.
Sebastian Krahmer discovered that rsync, a fast remote file copy program, contains an off-by-one error which might allow remote attackers to execute arbitrary code via long directory names.
For the old stable distribution (sarge), this problem is not present.
For the stable distribution (etch), this problem has been fixed in version 2.6.9-2etch4.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your rsync package.
MD5 checksums of the listed files are available in the original advisory.