CVE-2018-5764 (https://nvd.nist.gov/vuln/detail/CVE-2018-5764): The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.
@Maintainers 3.1.3 is already in tree, please call for stabilization when ready. Thank you
ia64 stable
commit 9c273ebd52e51556f86ec057c18fc0a138a70356 Author: Rolf Eike Beer <eike@sf-mail.de> Date: Wed Feb 7 00:21:21 2018 +0100 net-misc/rsync: stable 3.1.3 for hppa/sparc, bug #646818
x86 stable
amd64 stable
arm64 stable
Stable on alpha.
arm stable
ppc/ppc64 done
sh stable
s390 stable
glsa request filed
This issue was resolved and addressed in GLSA 201805-04 at https://security.gentoo.org/glsa/201805-04 by GLSA coordinator Aaron Bauman (b-man).