[SCM] The rsync repository. - branch master updated
Rsync CVS commit messages
rsync-cvs at lists.samba.org
Mon May 11 15:33:47 MDT 2015
The branch, master has been updated
via 81ff413 Make the checksum_seed a bit harder to predict.
from eac8580 Add compat flag to allow proper seed checksum order. Fixes the equivalent of librsync's CVE-2014-8242 issue.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 81ff413bb0d04bdccfdee82c32a76d26b5d08434
Author: Wayne Davison <wayned at samba.org>
Date: Mon May 11 14:31:07 2015 -0700
Make the checksum_seed a bit harder to predict.
-----------------------------------------------------------------------
Summary of changes:
compat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/compat.c b/compat.c
index f89d466..1df1db8 100644
--- a/compat.c
+++ b/compat.c
@@ -333,7 +333,7 @@ void setup_protocol(int f_out,int f_in)
if (am_server) {
if (!checksum_seed)
- checksum_seed = time(NULL);
+ checksum_seed = time(NULL) ^ (getpid() << 6);
write_int(f_out, checksum_seed);
} else {
checksum_seed = read_int(f_in);
--
The rsync repository.
More information about the rsync-cvs
mailing list