rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.