- - Fixed a crash bug that might appear when --delete was used and
- multiple source directories were specified.
-
- - The --backup code no longer attempts to create some directories
- over and over again (generating warnings along the way).
-
- - Fixed a bug in the reading of the secrets file (by the daemon) and
- the password file (by the client): the files no longer need to be
- terminated by a newline for their content to be read in.
-
- - If a file has a read error on the sending side, the receiver will
- no longer keep the resulting file unless the --partial option was
- specified. (Note: both sides must be running 2.6.3 for this to
- work -- older receivers always keep the file, and older senders
- don't tell the receiver that the file was not read correctly.)
-
- - Fixed an age-old crash problem with --read-batch on a local copy
- (rsync was improperly assuming --whole-file for the local copy).
-
- - Files specified in the daemon's "exclude" or "exclude from" config
- items are now excluded from being uploaded (assuming that the module
- allows uploading at all) in addition to the old download exclusion.
-
- - When using --backup without a --backup-dir, rsync no longer preserves
- the modify time on directories. This avoids confusing NFS.
-
- - Fixed a bug in the daemon authentication code when using one of the
- batch-processing options.
+ - An rsync daemon that is receiving files with "use chroot = no" no longer
+ sanitizes the symlink target strings. This means that each symlink's
+ value will now be accepted (and thus returned) with its symlink info
+ intact. Also, in order to keep things safe, any option that tells a
+ non-chroot daemon to treat some symlinks as their referent (such as
+ --copy-links or --keep-dirlinks) now manually checks the symlink chain
+ to ensure that the symlinks do not try to escape past the top of the
+ module's path. Both these changes make a non-chroot daemon behave the
+ same as a chroot daemon with regard to symlinks, and also avoids a
+ potential problem where a pre-existing symlink could have escaped the
+ module's hierarchy.
+
+ - Fixed a overzealous sanitizing bug in the handling of the --*-dest
+ options (--link-dest, --copy-dest, and --compare-dest): if the copy's
+ destination dir is deeper than the top of the module's path, these
+ options now accept a safe number of ../ (parent-dir) references (since
+ these options are relative to the destination dir). The old code
+ incorrectly chopped off all "../" prefixes for these options, no matter
+ how deep the destination directory was in the module's hierarchy.
+
+ - Fixed a bug where a deferred info/error/log message could get sent
+ directly to the sender instead of being handled by rwrite() in the
+ generator. This fixes an "unexpected tag 3" fatal error, and should
+ also fix a potential problem where a deferred info/error message from
+ the receiver might bypass the log file and get sent only to the client
+ process. (These problems could only affect an rsync daemon that was
+ receiving files.)
+
+ - Make sure that the --link-dest option can still do its job even when -I
+ or --size-only is specified.
+
+ - The daemon now calls more timezone-using functions prior to doing a
+ chroot. This should help some C libraries to generate proper timestamps
+ from inside a chrooted daemon (and to not try to access /etc/timezone
+ over and over again).