feld on Nostr: everyone is overreacting to CVEs like usual if you're doing rsync over SSH, they'd ...
everyone is overreacting to CVEs like usual
if you're doing rsync over SSH, they'd have to have compromised the server key to not trigger the fingerprint/impersonation warning
If the server is compromised by an attacker, you have much larger problems.
Secure both ends. Use a secure network transport that can't be MITM'd. These problems don't matter then.
if you're doing rsync over SSH, they'd have to have compromised the server key to not trigger the fingerprint/impersonation warning
If the server is compromised by an attacker, you have much larger problems.
Secure both ends. Use a secure network transport that can't be MITM'd. These problems don't matter then.
quoting nevent1q…wmz9The rsync utility in Linux, *BSD, and Unix-like systems are vulnerable to multiple security issues, including arbitrary code execution, arbitrary file upload, information disclosure, and privilege escalation. Hence, you must patch the system ASAP https://www.cyberciti.biz/linux-news/cve-2024-12084-rsyn-security-urgent-update-needed-on-unix-bsd-systems/
#infosec #security #linux #unix
