Need a kernel patch for the following security vulnerability: CVE-2014-8242: <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8242> More details regarding the vulnerability: Vulnerability in rsync in Linux/unix. This vulnerability potentially affects all the Linux/Unix distributions using librsync. Problem description : A vulnerability has been discovered in the "rsync" files synchronizing program. It allows a malicious person to affect data confidentiality and integrity. Technical context : The rsync program enables users and administrators to synchronize files between different machines. Technical information : This vulnerability is due to a flaw when using a cryptographic hash function not strong enough (MD4). It allows a remote attacker, able to control the contents of one part of a file, to use it to control other regions of the file, if this one is transferred using a vulnerable librsync/rdiff library.
None
