Chapter 7. System and Subscription Management

`reposync` now by default skips packages whose location falls outside the destination directory

Previously, the reposync command did not sanitize paths to packages specified in a remote repository, which was insecure. A security fix for CVE-2018-10897 has changed the default behavior of reposync to not store any packages outside the specified destination directory. To restore the original insecure behavior, use the new --allow-path-traversal option. (BZ#1609302)

Where did the comment section go?

Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

Chapter 7. System and Subscription Management

`reposync` now by default skips packages whose location falls outside the destination directory

Where did the comment section go?

Chapter 7. System and Subscription Management

reposync now by default skips packages whose location falls outside the destination directory

Where did the comment section go?

`reposync` now by default skips packages whose location falls outside the destination directory