36 matches found
MGASA-2015-0146 Updated librsync packages fix security vulnerabilities
Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...
Updated librsync packages fix security vulnerabilities
Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...
Fedora 21 : csync2-1.34-15.fc21 / duplicity-0.6.25-3.fc21 / librsync-1.0.0-1.fc21 / etc (2015-3497)
Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...
Fedora 20 : csync2-1.34-15.fc20 / duplicity-0.6.25-3.fc20 / librsync-1.0.0-1.fc20 / etc (2015-3366)
Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...
Fedora Update for librsync FEDORA-2015-3366
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for librsync FEDORA-2015-3497
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: duplicity-0.6.25-3.fc21
Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...
[SECURITY] Fedora 21 Update: librsync-1.0.0-1.fc21
librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...
[SECURITY] Fedora 20 Update: librsync-1.0.0-1.fc20
librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...
librsync: checksum collision
librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff...
Fedora 22 : csync2-1.34-15.fc22 / duplicity-0.6.25-3.fc22 / librsync-1.0.0-1.fc22 / etc (2015-2923)
Changes in librsync 1.0.0 2015-01-23 ====================================== - SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...
[SECURITY] Fedora 22 Update: librsync-1.0.0-1.fc22
librsync implements the "rsync" algorithm, which allows remote differencing of binary files. librsync computes a delta relative to a file's checksum, so the two files need not both be present to generate a delta. This library was previously known as libhsync up to version 0.9.0. The current versi...
[SECURITY] Fedora 22 Update: duplicity-0.6.25-3.fc22
Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...
librsync -- collision vulnerability
Michael Samuel reports: librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...
Fedora Update for duplicity FEDORA-2008-1521
Check for the Version of duplicity OpenVAS Vulnerability Test Fedora Update for duplicity FEDORA-2008-1521 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
[SECURITY] Fedora 7 Update: duplicity-0.4.9-1.fc7
Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...