openbsd-ports/net/rsync/pkg/SECURITY

$OpenBSD: SECURITY,v 1.3 1999/04/18 20:59:02 espie Exp $

${WRKDIR}/receiver.c
	call to mktemp (wrapper function do_mktemp) does seem to be correct.

The server makes extensive use of strlcpy/strlcat/snprintf.

rsync upto 2.3.0 has a security hole. If rsync --version is less or equal
to that, you should upgrade.
Upgrade to 2.3.1 1999-04-18 20:59:00 +00:00			$OpenBSD: SECURITY,v 1.3 1999/04/18 20:59:02 espie Exp $
Security audit for rsync. 1998-12-21 23:21:34 +00:00
			`${WRKDIR}/receiver.c`
			`call to mktemp (wrapper function do_mktemp) does seem to be correct.`

			`The server makes extensive use of strlcpy/strlcat/snprintf.`
Patch ups rsync to the same functionality as 2.3.1. Specifically, it fixes the security hole that is described in pkg/SECURITY... Wedged in as security fixes are important, especially when they're small. Real 2.3.1 will wait after tree thaws. 1999-04-09 02:20:14 +00:00
Upgrade to 2.3.1 1999-04-18 20:59:00 +00:00			`rsync upto 2.3.0 has a security hole. If rsync --version is less or equal`
			`to that, you should upgrade.`