Nathan Rosenquist

**Name of the Vulnerable Software and Affected Versions** rsnapshot versions 1.1.x through 1.1.6 rsnapshot version 1.2.0 **Description** The issue allows local users to obtain access to arbitrary files due to the copy symlink function changing the ownership of files that a symlink points to rather than the symlink itself. **Recommendations** For rsnapshot version 1.2.0, update to a version that fixes the issue with the copy symlink function. For rsnapshot versions 1.1.x through 1.1.6, update to version 1.1.7 or later to resolve the issue.