Matt McCutchen's Web Site / rsync / rsync.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Make sure we call setgroups() after setuid(). (Ethan Benson)
[rsync/rsync.git] / NEWS
diff --git a/NEWS b/NEWS
index 8c54134..0d1fc6a 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,10 @@
 rsync 2.5.3 (not released yet)
 
+  SECURITY FIXES:
+
+    * Make sure that supplementary groups are removed from a server
+      process after changing uid and gid. (Ethan Benson)
+
   ENHANCEMENTS:
 
     * Command to initiate connections is only shown with -vv, rather
Matt McCutchen's repository for rsync, the fast and versatile remote file copier