R help - Jan 2002 - [O-T] rsync security bug on Debian potato

Hello-

	This is off-tpoic, but of interest.
	There's a remote exploit bug on rsync, that was posted on Linux Today.
	I post this here because apparently it hasn't been mentioned (yet) on the
	Debian security advisory. The package list is not updated either.
	Perhaps this is what happened to CRAN when it was cracked...
	Maybe you admins at CRAN would want to contact the debian-security list.

	URL:
	<http://www.linuxtoday.org/news_story.php3?ltsn=2002-01-26-006-20-SC-DB>
	
	Best regards,

	Henry L.


	
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
r-help mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html
Send "info", "help", or "[un]subscribe"
(in the "body", not the subject !)  To: r-help-request at
stat.math.ethz.ch
_._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._

On Sat, Jan 26, 2002 at 03:08:03PM -0200, hzi at uol.com.br
wrote:
> Hello-
> 
> 	This is off-tpoic, but of interest.
> 	There's a remote exploit bug on rsync, that was posted on Linux Today.
> 	I post this here because apparently it hasn't been mentioned (yet) on
the
> 	Debian security advisory. The package list is not updated either.
Because is appears that the upstream patch is not addressing the problem.
> 	Perhaps this is what happened to CRAN when it was cracked...
> 	Maybe you admins at CRAN would want to contact the debian-security list.
I appreciate your concern, but I don't really think that this is the forum
for Debian-only questions.

Dirk

-- 
Good judgment comes from experience; experience comes from bad judgment. 
							    -- F. Brooks
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
r-help mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html
Send "info", "help", or "[un]subscribe"
(in the "body", not the subject !)  To: r-help-request at
stat.math.ethz.ch
_._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._._