| Errata ID | 625 |
|---|---|
| Date | 2019-03-27 |
| Source package | rsync |
| Fixed in version | 3.1.1-3+deb8u2A~4.2.5.201903260804 |
| Description | This update addresses the following issues: * Out-of-bounds pointer arithmetic in inftrees.c (CVE-2016-9840) * Out-of-bounds pointer arithmetic in inffast.c (CVE-2016-9841) * Undefined left shift of negative number (CVE-2016-9842) * Big-endian out-of-bounds pointer (CVE-2016-9843) * Sanitization bypass in parse_argument in options.c (CVE-2018-5764) |
| Additional notes | |
| CVE ID | CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2018-5764 |
| UCS Bug number | #49093 |
