| 1 | NEWS for rsync 2.6.9 (unreleased) |
| 2 | Protocol: 29 (unchanged) |
| 3 | Changes since 2.6.8: |
| 4 | |
| 5 | BUG FIXES: |
| 6 | |
| 7 | - An rsync daemon that is receiving files with "use chroot = no" no longer |
| 8 | sanitizes the symlink target strings. This means that each symlink's |
| 9 | value will now be accepted (and thus returned) with its symlink info |
| 10 | intact. Also, in order to keep things safe, any option that tells a |
| 11 | non-chroot daemon to treat some symlinks as their referent (such as |
| 12 | --copy-links or --keep-dirlinks) now manually checks the symlink chain |
| 13 | to ensure that the symlinks do not try to escape past the top of the |
| 14 | module's path. Both these changes make a non-chroot daemon behave the |
| 15 | same as a chroot daemon with regard to symlinks, and also avoids a |
| 16 | potential problem where a pre-existing symlink could have escaped the |
| 17 | module's hierarchy. |
| 18 | |
| 19 | - Fixed a overzealous sanitizing bug in the handling of the --*-dest |
| 20 | options (--link-dest, --copy-dest, and --compare-dest): if the copy's |
| 21 | destination dir is deeper than the top of the module's path, these |
| 22 | options now accept a safe number of ../ (parent-dir) references (since |
| 23 | these options are relative to the destination dir). The old code |
| 24 | incorrectly chopped off all "../" prefixes for these options, no matter |
| 25 | how deep the destination directory was in the module's hierarchy. |
| 26 | |
| 27 | - Fixed a bug where a deferred info/error/log message could get sent |
| 28 | directly to the sender instead of being handled by rwrite() in the |
| 29 | generator. This fixes an "unexpected tag 3" fatal error, and should |
| 30 | also fix a potential problem where a deferred info/error message from |
| 31 | the receiver might bypass the log file and get sent only to the client |
| 32 | process. (These problems could only affect an rsync daemon that was |
| 33 | receiving files.) |
| 34 | |
| 35 | - Make sure that the --link-dest option can still do its job even when -I |
| 36 | or --size-only is specified. |
| 37 | |
| 38 | - The daemon now calls more timezone-using functions prior to doing a |
| 39 | chroot. This should help some C libraries to generate proper timestamps |
| 40 | from inside a chrooted daemon (and to not try to access /etc/timezone |
| 41 | over and over again). |
| 42 | |
| 43 | ENHANCEMENTS: |
| 44 | |
| 45 | - ... |
| 46 | |
| 47 | DEVELOPER RELATED: |
| 48 | |
| 49 | - The acls.diff and xattrs.diff patches have received a bunch of work to |
| 50 | make them much closer to being acceptable in the main distribution. |
| 51 | |
| 52 | - Updated config.guess and config.sub to their 2006-02-23 version. |
| 53 | |
| 54 | - Updated various files to include the latest FSF address and to have |
| 55 | consistent opening comments. |