This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: [SECURITY] rsync: Two buffer overflows
- From: Lapo Luchini <lapo at lapo dot it>
- To: "[ML] CygWin-Apps" <cygwin-apps at cygwin dot com>
- Date: Sat, 29 Sep 2007 10:44:21 +0200
- Subject: Re: [SECURITY] rsync: Two buffer overflows
- Openpgp: id=C8F252FB
- References: <46F346B0.2010400@users.sourceforge.net>
Yaakov (Cygwin Ports) wrote:
> Lapo,
>
> AFAIK rsync is yours. Besides the update, the necessary patches are at:
> http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-stats-fix.patch
> http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/rsync/files/rsync-2.6.9-fname-obo.patch
The 2.6.9-2 included the second patch already.
I'm now rolling a -3 with the other one as well.
(and, still, no one seem to have noticed any on the rsync mailing list
nor rsync's homepage... I wonder why!)
--
Lapo Luchini
lapo@lapo.it (OpenPGP & X.509)
www.lapo.it (Jabber, ICQ, MSN)