UBUNTU-CVE-2014-8242

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2014-8242

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-8242.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2014-8242

Upstream

CVE-2014-8242

Published

2015-10-26T17:59:00Z

Modified

2025-09-08T16:43:14Z

Severity

Ubuntu - low

Summary

[none]

Details

librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.

References

Affected packages

Ubuntu:Pro:16.04:LTS / librsync

Package

Name: librsync
Purl: pkg:deb/ubuntu/librsync@0.9.7-10?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.7-10

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "librsync-dev",
            "binary_version": "0.9.7-10"
        },
        {
            "binary_name": "librsync1",
            "binary_version": "0.9.7-10"
        },
        {
            "binary_name": "rdiff",
            "binary_version": "0.9.7-10"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / librsync

Package

Name: librsync
Purl: pkg:deb/ubuntu/librsync@0.9.7-10build1?arch=source&distro=esm-infra/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.7-10

0.9.7-10build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "librsync-dev",
            "binary_version": "0.9.7-10build1"
        },
        {
            "binary_name": "librsync1",
            "binary_version": "0.9.7-10build1"
        },
        {
            "binary_name": "rdiff",
            "binary_version": "0.9.7-10build1"
        }
    ]
}