[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: rsync 2.6.1 released (including security note)

To: umce.linux@xxxxxxxxx
Subject: Fwd: rsync 2.6.1 released (including security note)
From: Patrick M McNeal <mcneal@xxxxxxxxx>
Date: Wed, 28 Apr 2004 13:15:20 -0400

Not sure if it's true, but it could be another answer to the "Why don't you use Debian?"

Begin forwarded message:

From: Paul Slootman <paul@xxxxxxxxxx>
Date: April 27, 2004 10:04:21 AM EDT
To: rsync@xxxxxxxxxxxxxxx
Subject: Re: rsync 2.6.1 released (including security note)
On Mon 26 Apr 2004, Wayne Davison wrote:
It includes a security note about a fix that affects read/write daemons that are not using chroot. If that includes you, you should look into upgrading (or maybe enabling chroot on an older rsync).
Is it possible to find the patches responsible for fixing the chroot
thing? The stable version of Debian doesn't accept new versions to fix
security risks (because the new version may introduce other as yet
unknown security risks). Instead, policy is to patch the stable version
with the fix.

Prev by Date: Re: umce linux 2.0 "os" meeting 4-26
Next by Date: umce linux 2.0 "os" meeting 5-3
Previous by thread: Re: umce linux 2.0 "os" meeting 4-26
Next by thread: umce linux 2.0 "os" meeting 5-3
Index(es):
- Date
- Thread