From: Wayne Davison Date: Sat, 8 Aug 2015 19:28:55 +0000 (-0700) Subject: Mention latest fixes. X-Git-Tag: v3.1.2pre1~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3f26e38f86caaf9c846a0297d867f298416843b4;p=thirdparty%2Frsync.git Mention latest fixes. --- diff --git a/NEWS b/NEWS index 0c02d828..b4e92f40 100644 --- a/NEWS +++ b/NEWS @@ -2,13 +2,24 @@ NEWS for rsync 3.1.2 (UNRELEASED) Protocol: 31 (unchanged) Changes since 3.1.1: + SECURITY FIXES: + + - Make sure that all transferred files use only path names from inside the + transfer. This makes it impossible for a malicious sender to try to make + the receiver use an unsafe destination path for a transferred file, such + as a just-sent symlink. + BUG FIXES: - - Make sure that an inc-recursive transfer includes the right directory- - name prefixes for each dir. This makes it impossible for a malicious - sender to use a just-sent symlink as a path in a transfer. + - Change the checksum seed order in the per-block checksums. This prevents + someone from trying to create checksum blocks that match in sum but not + content. + - Fixed a with the per-dir filter files (using -FF) that could trigger an + assert failure. - Only skip set_modtime() on a transferred file if the time is exactly right. + - Don't create an empty backup dir for a transferred file that doesn't + exist yet. ENHANCEMENTS: @@ -21,4 +32,6 @@ Changes since 3.1.1: DEVELOPER RELATED: - Fixed a bug with the Makefile's use of INSTALL_STRIP. + - Improve a test in the suite that could get an erroneous timestamp error. - Tweaks for newer versions of git in the packaging tools. + - Improved the m4 generation rules and some autoconf idioms. diff --git a/OLDNEWS b/OLDNEWS index b0b01fb5..5a33d7ae 100644 --- a/OLDNEWS +++ b/OLDNEWS @@ -3650,6 +3650,7 @@ Changes since 2.4.6: Partial Protocol History RELEASE DATE VER. DATE OF COMMIT* PROTOCOL + ?? Aug 2015 3.1.2 31 22 Jun 2014 3.1.1 31 28 Sep 2013 3.1.0 31 Aug 2008 31 23 Sep 2011 3.0.9 30