Gentoo Security Advisory GLSA 200408-17 (rsync)

The remote host is missing updates announced in advisory GLSA 200408-17.
All users should update to the latest version of the rsync package. # emerge sync # emerge -pv '>=net-misc/rsync-2.6.0-r3' # emerge '>=net-misc/rsync-2.6.0-r3'
rsync fails to properly sanitize paths. This vulnerability could allow the listing of arbitrary files and allow file overwriting outside module's path on rsync server configurations that allow uploading.