-rsync 2.5.3 (not released yet)
+rsync 2.5.3 (11 March 2002)
+
+ "Happy 26"
SECURITY FIXES:
* Make sure that supplementary groups are removed from a server
- process after changing uid and gid. (Ethan Benson)
+ process after changing uid and gid. (Ethan Benson) (Debian bug
+ #132272, CVE CAN-2002-0080)
BUG FIXES:
+ * Fix zlib double-free bug. (Owen Taylor, Mark J Cox) (CVE
+ CAN-2002-0059)
+
* Fixed problem that in many cases caused the error message
unexpected read size of 0 in map_ptr
and resulted in the wrong data being copied.
ENHANCEMENTS:
+ * Merge in changes from zlib 1.1.2 to zlib 1.1.3. (Note that
+ rsync still uses a custom version of zlib; you can not just link
+ against a system library. See zlib/README.rsync)
+
* Command to initiate connections is only shown with -vv, rather
than -v as in 2.5.2. Output from plain -v is more similar to
what was historically used so as not to break scripts that try