X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/9db17434906bf8797a59ba1f8222b6e110bec5fd..32199c6b00a6350c26e7a6eb82091f35938a1840:/NEWS

diff --git a/NEWS b/NEWS
index 7bb1d6b7..b75c05e0 100644
--- a/NEWS
+++ b/NEWS
@@ -4,9 +4,10 @@ Changes since 2.6.5:
 
   SECURITY FIXES:
 
-    - Applied a zlib fix to block a buffer overflow in the decompression
-      code.  Only affects a daemon if it allows uploads and does not refuse
-      the --compress option.
+    - The zlib code was upgraded to version 1.2.3 in order to make it more
+      secure.  While the widely-publicized security problem in zlib 1.2.2 did
+      not affect rsync, another security problem surfaced that affects rsync's
+      zlib 1.1.4.
 
   BUG FIXES:
 
@@ -34,18 +35,38 @@ Changes since 2.6.5:
       ended in either a trailing slash or a trailing "/.", and a non-existing
       destination dir to tickle the bug in a recent version).
 
+    - If the user specifies a remote-host for both the source and destination,
+      we now output a syntax error rather than trying to open the destination
+      hostspec as a filename.
+
   ENHANCEMENTS:
 
+    - Added the --append option that makes rsync append data onto files
+      that are longer on the source than the destination (this includes new
+      files).
+
+    - The configure script now checks for lutimes() and lchmod() so that
+      rsync can make use of them to update attributes of symlinks (on
+      systems that support this).
+
     - Made the "max verbosity" setting in the rsyncd.conf file settable on a
       per-module basis (which now matches the documentation).
 
+    - Added two config items to the rsyncd.conf parsing:  "pre-xfer exec"
+      and "post-xfer exec".  These allow a command to be specified on a
+      per-module basis that will be run before and/or after a daemon-mode
+      transfer. 
+
     - The support/rrsync script has been upgraded to verify the args of options
-      that take them (instead of rejecting any such options).  The script was
+      that take args (instead of rejecting any such options).  The script was
       also changed to try to be more secure and to fix a problem in the parsing
       of a pull operation that has multiple sources.
 
-    - Upgraded the zlib code from 1.1.4 to 1.2.2 (plus the security fix
-      mentioned above).
+    - Improved the documentation that explains the difference between a
+      normal daemon transfer and a daemon-over remote-shell transfer.
+
+    - Some of the diffs supplied in the patches dir were fixed and/or
+      improved.
 
   BUILD CHANGES: