This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: [UPLOAD] rsync-2.6.9-1
- From: David Rothenberger <daveroth at acm dot org>
- To: cygapps <cygwin-apps at cygwin dot com>
- Date: Tue, 28 Aug 2007 09:48:00 -0700
- Subject: Re: [UPLOAD] rsync-2.6.9-1
- References: <46D33902.5020403@lapo.it>
On 8/27/2007 1:50 PM, Lapo Luchini wrote:
http://cyberx.lapo.it/cygwin/lighttpd/setup.hint (unchanged)
http://cyberx.lapo.it/cygwin/rsync/rsync-2.6.9-1.tar.bz2
http://cyberx.lapo.it/cygwin/rsync/rsync-2.6.9-1-src.tar.bz2
Would it make sense to include the patch from
http://c-skills.blogspot.com/2007/08/cve-2007-4091.html in the 2.6.9
release to fix the off-by-one errors that could lead remote code
execution?[*]
I'm sorry for not noticing this before rsync was uploaded. I have a
local build of 2.6.9 with the patch applied that's been working fine for
me for a while.
[*] http://secunia.com/advisories/26493/
--
David Rothenberger ---- daveroth@acm.org
optimist, n:
A bagpiper with a beeper.