$OpenBSD: SECURITY,v 1.4 1999/11/21 23:42:53 espie Exp $

${WRKDIR}/receiver.c
	call to mktemp (wrapper function do_mktemp) does seem to be correct.

The server makes extensive use of strlcpy/strlcat/snprintf.

rsync upto 2.3.0 has a security hole. If rsync --version is less or equal
to that, you should upgrade.

rsync 2.3.1 has security holes in the rsyncd daemon when run with
chroot=no.   If you are using that feature, you should upgrade.