(this happened when the pipe to rsync got broken, because rsync would
then try to write to stderr, find out it didn't work, and call exit_cleanup,
which would then try it all over again... oops.
See package cvs.log for details.
This includes fixing an obscure security hole.
Patch to avoid spinning in select on non-blocking descriptors (will
probably be fixed in rsync 2.3.3)
Specifically, it fixes the security hole that is described in
pkg/SECURITY...
Wedged in as security fixes are important, especially when they're small.
Real 2.3.1 will wait after tree thaws.