[rsync-announce] rsync is NOT vulnerable to the latest zlib security problem

rsync-announce at lists.samba.org rsync-announce at lists.samba.org
Mon Jul 11 17:13:34 GMT 2005

The zlib folks have clarified that version 1.1.4 is not vulnerable to
the latest zlib security problem, so all released versions of rsync are
not affected by the most recent security problem that was found in
version 1.2.2 (and also affects 1.2.1).  So, there is now no rush to
release version 2.6.6 of rsync.  Instead, it can act as a trial version
to ensure that upgrading the zlib version is not going to cause any
problems, and I will allow a little more in the way of features to be
added to rsync before releasing the final 2.6.6.

I apologize for the confusion, but I was playing it safe in case rsync
was affected by this zlib vulnerability.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/rsync-announce/attachments/20050711/ead313c8/attachment.bin

More information about the rsync-announce mailing list