rsync 2.6.1 released (including security note)
Paul Slootman
paul at wurtel.net
Tue Apr 27 14:04:21 GMT 2004
On Mon 26 Apr 2004, Wayne Davison wrote:
>
> It includes a security note about a fix that affects read/write daemons
> that are not using chroot. If that includes you, you should look into
> upgrading (or maybe enabling chroot on an older rsync).
Is it possible to find the patches responsible for fixing the chroot
thing? The stable version of Debian doesn't accept new versions to fix
security risks (because the new version may introduce other as yet
unknown security risks). Instead, policy is to patch the stable version
with the fix.
The cvsweb access from the website seems to be MIA (404).
Paul Slootman
More information about the rsync
mailing list