similar to: [Bug 11949] New: A malicious sender can still use symlinks to overwrite files

Hello, rsync-patches/slp.diff is still using lp_numserv which was removed by commit b583594ac7d2f8a38aca85c1bfa4b1487122377a Signed-off-by: Vitezslav Cizek <vcizek at suse.cz> --- slp.diff | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slp.diff b/slp.diff index a9703f1..953b400 100644 --- a/slp.diff +++ b/slp.diff @@ -479,7 +479,7 @@ new file mode 100644 +

https://bugzilla.samba.org/show_bug.cgi?id=5795 Summary: error in rsync protocol data stream (code 12) at io.c(632) [sender=3.0.4] Product: rsync Version: 3.0.4 Platform: x86 OS/Version: Mac OS X Status: NEW Severity: blocker Priority: P3 Component: core AssignedTo:

https://bugzilla.samba.org/show_bug.cgi?id=5407 Summary: hlink.c:480: finish_hard_link: Assertion `flist != ((void *)0)' failed. Product: rsync Version: 3.0.2 Platform: x86 OS/Version: Linux Status: NEW Severity: major Priority: P3 Component: core AssignedTo:

https://bugzilla.samba.org/show_bug.cgi?id=11166 Bug ID: 11166 Summary: running with -vvv causes a hang Product: rsync Version: 3.1.1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee: wayned at samba.org Reporter: pskocik at

https://bugzilla.samba.org/show_bug.cgi?id=10372 Summary: rsync 3.10 error in protocol data stream while rsync 3.0.9 runs through Product: rsync Version: 3.1.0 Platform: x64 OS/Version: Linux Status: NEW Severity: normal Priority: P5 Component: core AssignedTo: wayned at

I am involved with the development of lbackup. This message to the rsync mailing list is related to the following thread on the lbackup-disccussion mailing list : http://tinyurl.com/lbackup-discussion-diskfull Essentially, I am curious to if any one using rsync 3.0.7 on Mac OS (10.6) Server has experienced an out of disk space error and not had a message similar to the following reported : >

The Asterisk Development Team has announced the release of Asterisk 13.8.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 13.8.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release: New

Dear r-helpers, I have a data frame that looks like this: > str(fred) `data.frame': 3243 obs. of 14 variables: $ date : chr "02-09-19" "02-09-19" "02-09-19" "02-09-19" ... $ time : chr "10:31:34" "10:31:34" "10:31:39" "11:36:12" ... $ cpusys : num 0 0.11 0.37 0 0.13 0.46 0 0.01 0.01 0

The Xen netback implementation contains a couple of flaws which can allow a guest to cause a DoS in the backend domain, potentially affecting other domains in the system. CVE-2013-0216 is a failure to sanity check the ring producer/consumer pointers which can allow a guest to cause netback to loop for an extended period preventing other work from occurring. CVE-2013-0217 is a memory leak on an

All, Has anyone had any thoughts/discussion on providing a malicious call trace feature within Asterisk. Most legacy PBX's support this feature which allows a handset user to indicate using DTMF during a call that it's a malicious call which instructs the PBX to send a specific Q931 message over the ISDN to the providers switch telling it to log the call details as malicious for later

This repository has begun triggering alerts in my enterprises trend micro solution this morning. centos.firehosted.com/7.2.1511/updates/x86_64/repodata/repomd.xml Any tips on ensuring this repository is never queried by my systems ? It seems to keep getting picked up on freshly deployed vagrants for development at this time. Thanks, Corey Erickson

Directory name have some malicious characters, is it safe?How can I exclude some characters,thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190520/e3ea2c53/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smiley-laughing.gif Type: image/gif

How is that dangerous? If you pipe output from a directory listing to *any* command you need to sanitize it. That's normal if you have data that can be created by a user. The issue is known since the very beginning of Linux

Hi! I use OpenSuse 12.1 and I have written to OpenSuse security maillist but noone can help me. Here is an OpenSuse forum topic where have describe the problem in details: http://forums.opensuse.org/english/get-technical-help-here/network-internet/476052-i-think-its-virus-while-nmbd-running-some-web-sites-redirected-broken.html Here is a Ukrainian key media recourse http://www.pravda.com.ua/

Hello Osama, and Hisham, At 1330GMT there was some malicious activity coming from your network IP 37.75.210.90. Please act accordingly. Things that may be of use "972599779558" N.

Use scripts to create some malicious directories. Here is my creation process. How can I prevent the creation of these directories? I used the python imapclient script to create a directory. There may be no big threat to dovecot, but it is dangerous for doveadm. -------------- next part -------------- An HTML attachment was scrubbed... URL:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2012-4544 / XSA-25 Xen domain builder Out-of-memory due to malicious kernel/ramdisk ISSUE DESCRIPTION ================= The Xen PV domain builder contained no validation of the size of the supplied kernel or ramdisk either before or after decompression. This could cause the toolstack to consume all available RAM

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2012-4544,CVE-2012-2625 / XSA-25 version 2 Xen domain builder Out-of-memory due to malicious kernel/ramdisk UPDATES IN VERSION 2 ==================== Clarify that XSA-25 is reporting, via the Xen.org security process, both CVE-2012-4544 and CVE-2012-2625. Also we would like to

Hi all, Testing would be appreciated (esp. Ron?): I'd like to push this as soon as possible into 2.6.23. I thought of it while pondering kvm-lite, and then proved it was a problem... == If a Guest makes hypercall which sets a GDT entry to not present, we currently set any segment registers using that GDT entry to 0. Unfortunately, this is not sufficient: there are other ways of altering

Hi all, Testing would be appreciated (esp. Ron?): I'd like to push this as soon as possible into 2.6.23. I thought of it while pondering kvm-lite, and then proved it was a problem... == If a Guest makes hypercall which sets a GDT entry to not present, we currently set any segment registers using that GDT entry to 0. Unfortunately, this is not sufficient: there are other ways of altering