[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: rsync 2.6.1 released (including security note)

Not sure if it's true, but it could be another answer to the "Why don't you use Debian?"

Begin forwarded message:

From: Paul Slootman <paul@xxxxxxxxxx>
Date: April 27, 2004 10:04:21 AM EDT
To: rsync@xxxxxxxxxxxxxxx
Subject: Re: rsync 2.6.1 released (including security note)

On Mon 26 Apr 2004, Wayne Davison wrote:

It includes a security note about a fix that affects read/write daemons
that are not using chroot. If that includes you, you should look into
upgrading (or maybe enabling chroot on an older rsync).

Is it possible to find the patches responsible for fixing the chroot thing? The stable version of Debian doesn't accept new versions to fix security risks (because the new version may introduce other as yet unknown security risks). Instead, policy is to patch the stable version with the fix.