Red Hat Bugzilla – Bug 190208
CVE-2006-2083 rsync buffer overflow issue
Last modified: 2007-11-30 17:11:31 EST
rsync buffer overflow issue
The receive_xattr() function creates a buffer by adding two integer
variables together without verifying the resultant sum hasn't caused
an integer overflow.
The fix, which is a patch of a patch is here:
Only the last few lines matter for this patch, the rest is the result
of making a minor modification in a patch.
This issue also affects FC4