-rsync 2.5.3 (11 March 2002)
-
- "Happy 26"
+NEWS for rsync 2.6.6 (UNRELEASED)
+Protocol: 29 (unchanged)
+Changes since 2.6.5:
SECURITY FIXES:
- * Make sure that supplementary groups are removed from a server
- process after changing uid and gid. (Ethan Benson) (Debian bug
- #132272, CVE CAN-2002-0080)
+ - Applied a zlib fix to block a buffer overflow in the decompression
+ code. Only affects a daemon if it allows uploads and does not refuse
+ the --compress option.
BUG FIXES:
- * Fix zlib double-free bug. (Owen Taylor, Mark J Cox) (CVE
- CAN-2002-0059)
+ - The setting of flist->high in clean_flist() was wrong for an empty list.
+ This could cause flist_find() to crash in certain rare circumstances
+ (e.g. if just the right directory setup was around when --fuzzy was
+ combined with --link-dest).
- * Fixed problem that in many cases caused the error message
- unexpected read size of 0 in map_ptr
- and resulted in the wrong data being copied.
+ - The outputting of hard-linked files when verbosity was > 1 was not right:
+ without -i it would output the name of each hard-linked file as though
+ it had been changed (it now outputs a "is hard linked" message for the
+ file); with -i it would output all dots for the unchanged attributes of
+ a hard-link (it now changes those dots to spaces, as is done for other
+ totally unchanged items).
- * Fixed compilation errors on some systems caused by the use of
- "unsigned int64" in rsync.h.
+ - When backing up a changed symlink or device, get rid of any old backup
+ item so that we don't get an "already exists" error.
- * Fixed problem on systems such as Sunos4 that do not support realloc
- on a NULL pointer; error was "out of memory in flist_expand".
+ - A couple places that were comparing a local and a remote modification-
+ time were not honoring the --modify-window option.
- * Fix for rsync server processes hanging around after the client
- unexpectedly disconnects. (Colin Walters) (Debian bug #128632)
+ - Fixed a really old, minor bug that could cause rsync to warn about being
+ unable to mkdir() a path that ends in "/." because it just created the
+ directory (required --relative, --no-implied-dirs, a source path that
+ ended in either a trailing slash or a trailing "/.", and a non-existing
+ destination dir to tickle the bug in a recent version).
- * Cope with BSD systems on which mkdir() will not accept a trailing
- slash.
+ - If the user specifies a remote-host for both the source and destination,
+ we now output a syntax error rather than trying to open the destination
+ hostspec as a filename.
ENHANCEMENTS:
- * Merge in changes from zlib 1.1.2 to zlib 1.1.3. (Note that
- rsync still uses a custom version of zlib; you can not just link
- against a system library. See zlib/README.rsync)
+ - Made the "max verbosity" setting in the rsyncd.conf file settable on a
+ per-module basis (which now matches the documentation).
+
+ - The support/rrsync script has been upgraded to verify the args of options
+ that take them (instead of rejecting any such options). The script was
+ also changed to try to be more secure and to fix a problem in the parsing
+ of a pull operation that has multiple sources.
+
+ - Upgraded the zlib code from 1.1.4 to 1.2.2 (plus the security fix
+ mentioned above).
- * Command to initiate connections is only shown with -vv, rather
- than -v as in 2.5.2. Output from plain -v is more similar to
- what was historically used so as not to break scripts that try
- to parse the output.
+ BUILD CHANGES:
- * Added --no-whole-file and --no-blocking-io options (Dave Dykstra)
+ - Made configure define NOBODY_USER (currently hard-wired to "nobody") and
+ NOBODY_GROUP (set to either "nobody" or "nogroup" depending on what we
+ find in the /etc/group file).
- * Made the --write-batch and --read-batch options actually work
- and added documentation in the man page (Jos Backus)
+ - Added a test to the test suite, itemized.test, that tests the output of
+ -i (log-format w/%i) and some double-verbose messages.
- * If the daemon is unable to fork a child to accept a connection,
- print an error message. (Colin Walters)