1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
6 <!--#include virtual="header.html" -->
8 <H2 align="center">Welcome to the rsync web pages</H2>
10 rsync is an <A HREF="http://www.opensource.org/">open source</A>
11 utility that provides fast incremental file transfer. rsync is freely
12 available under the <A HREF="GPL.html">GNU General Public
15 <p><i>(If you're using a version of rsync older than 2.6.3, see below for some security advisories.)</i>
17 <h3>Rsync 2.6.5pre1 released</h3>
19 <p><i style="color:#777777">May 10th, 2005</i>
21 <p>I have released rsync version 2.6.5pre1 -- the first pre-release for 2.6.5.
22 This version is primarily a bug-fix release to squash some annoying bugs that
23 made it into 2.6.4 (though a few minor enhancements did make it in as well).
25 <p>See the <a href="/ftp/rsync/preview/NEWS">release NEWS</a> for the
26 details of what changed since 2.6.4. You can also read the pre-release man pages
27 for <a href="http://rsync.samba.org/ftp/rsync/preview/rsync.html">rsync</a> and
28 <a href="http://rsync.samba.org/ftp/rsync/preview/rsyncd.conf.html">rsyncd.conf</a>.
30 <p>Please help with the testing by grabbing one of these source files:
31 <b><a href="/ftp/rsync/preview/rsync-2.6.5pre1.tar.gz">rsync-2.6.5pre1.tar.gz</a>
32 (<a href="/ftp/rsync/preview/rsync-2.6.5pre1.tar.gz.asc">signature</a>),
33 <a href="/ftp/rsync/preview/rsync-2.6.4-2.6.5pre1.diffs.gz">rsync-2.6.4-2.6.5pre1.diffs.gz</a>
34 (<a href="/ftp/rsync/preview/rsync-2.6.4-2.6.5pre1.diffs.gz.asc">signature</a>)</b>.
35 Note that the diffs do not contain updates for the "patches" dir -- grab the tar
36 file if you want the full release.
39 <h3>Rsync 2.6.4 released</h3>
41 <p><i style="color:#777777">March 30th, 2005</i>
43 <p>Rsync version 2.6.4 has been released. This release combines quite a
44 few new features, some improved delete efficiency, and the usual array of
47 <p>See the <a href="/ftp/rsync/NEWS">release NEWS</a> for the
48 details of what changed since 2.6.3. You can also read the man pages
49 for <a href="http://rsync.samba.org/ftp/rsync/rsync.html">rsync</a> and
50 <a href="http://rsync.samba.org/ftp/rsync/rsyncd.conf.html">rsyncd.conf</a>.
52 <p>See the <a href="download.html">download page</a> for all the ways
53 to grab the new version, or snag one of these:
54 <b><a href="/ftp/rsync/rsync-2.6.4.tar.gz">rsync-2.6.4.tar.gz</a>
55 (<a href="/ftp/rsync/rsync-2.6.4.tar.gz.asc">signature</a>),
56 <a href="/ftp/rsync/rsync-2.6.3-2.6.4.diffs.gz">rsync-2.6.3-2.6.4.diffs.gz</a>
57 (<a href="/ftp/rsync/rsync-2.6.3-2.6.4.diffs.gz.asc">signature</a>)</b>.
58 Note that the diffs do not contain updates for the "patches" dir -- grab the tar
59 file if you want the full release.
62 <h3>Rsync 2.6.3 released</h3>
64 <p><i style="color:#777777">September 30th, 2004</i>
66 <p>Rsync version 2.6.3 has been released. It contains several new features
67 and quite a few bug fixes.
69 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.3-NEWS">release NEWS</a> for the
70 details of what changed since 2.6.2.
72 <a name="security_aug04"></a>
73 <h3 style="color:red">August 2004 Security Advisory</h3>
75 <p><i style="color:#777777">August 12th, 2004</i>
79 <p>There is a path-sanitizing bug that affects daemon mode in all modern
80 rsync versions through version 2.6.2, but only if chroot is disabled. It
81 does NOT affect the normal send/receive filenames that specify what
82 files should be transferred (this is because these names happen to get
83 sanitized twice, and thus the second call removes any lingering leading
84 slash(es) that the first call left behind). It does affect certain
85 option paths that cause auxilliary files to be read or written.
89 <p>The best fix is to apply this one-word patch to the sanitize_path()
93 --- orig/util.c 2004-04-27 12:59:37 -0700
94 +++ util.c 2004-08-11 23:37:27 -0700
103 /* back up sanp one level */
106 <p>This bug-fix was released in version 2.6.3 of rsync.
108 <p>One potential fix that doesn't require recompiling rsync is to set
109 "use chroot = true" for all the modules in the rsyncd.conf file.
112 <h3>Rsync 2.6.2 released</h3>
114 <p><i style="color:#777777">April 30th, 2004</i>
116 <p>Rsync version 2.6.2 has been released. It is a bugfix release that mainly
117 fixes <b>a bug with the --relative option (-R) in 2.6.1</b>
118 that could cause files to be transferred incorrectly. This only affected a
119 source right at the root of the filesystem, such as "/" or "/*" (if you
120 first "cd /" and then copy from ".", it would not tickle the bug).
122 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.2-NEWS">release NEWS</a> for the
123 details of what else was fixed.
125 <h3>Rsync 2.6.1 released</h3>
127 <p><i style="color:#777777">April 26th, 2004</i>
129 <p>Rsync version 2.6.1 has been released. It is primarily a performance
130 release that requires less memory to run, makes fewer write calls to the socket
131 (lowering the system CPU time), does less string copying (lowering the user CPU
132 time), and also reduces the amount of data that is transmitted over the wire.
133 There have also been quite a few bug fixes. See the
134 <a href="/ftp/rsync/old-versions/rsync-2.6.1-NEWS">release NEWS</a> for the full
137 <a name="security_apr04"></a>
138 <h3 style="color:red">April 2004 Security Advisory</h3>
140 <p><i style="color:#777777">April 26th, 2004</i>
142 <p>There is a security problem in all versions prior to 2.6.1 that affects only
143 people running a read/write daemon WITHOUT using chroot. If the user privs
144 that such an rsync daemon is using is anything above "nobody", you are at risk
145 of someone crafting an attack that could write a file outside of the module's
146 "path" setting (where all its files should be stored). Please either enable
147 chroot or upgrade to 2.6.1. People not running a daemon, running a read-only
148 daemon, or running a chrooted daemon are totally unaffected.
150 <h3>One Cygwin hang-problem resolved</h3>
152 <p>The problem with rsync hanging at the end of the transfer on
153 <a href="http://www.cygwin.com/">Cygwin</a> had been previously traced to a
154 signal-handling bug in their compatibility DLL. This bug appears to now be
155 fixed in DLL version 1.5.7-1, and Cygwin users are reporting that upgrading the
156 DLL removes the hang-at-end-of-transfer problem for their existing rsync executable.
157 (Note that this doesn't solve a hang that some folks see in the middle of a
158 transfer -- using daemon mode instead of ssh can work around that one.)
160 <a name="two_six"></a>
161 <h3>Rsync 2.6.0 released</h3>
163 <p><i style="color:#777777">January 1st, 2004</i>
165 <P> Two important things to note in the new release:
169 <li>The default remote shell is now "ssh" unless you tell configure you want to
170 make something else the default.
172 <li>Some bug fixes in the include/exclude code, while making things work
173 properly, have resulted in some user-visible changes for certain wildcard
174 strings. Read the BUG FIXES section in the
175 <a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">NEWS file</a> to see if
176 any of these changes apply to you.
177 (Most people should be unaffected.)
181 <p>One other item of note is that the oft-requested option "--files-from" is now
182 available. This option lets you specify a list of files to transfer, and can
183 be much more efficient than a recursive descent using include/exclude
184 statements (if you know in advance what files you want to transfer). The list
185 of files can come from either side of the connection, so it is possible for a
186 server to provide the file-list that lets someone grab a server-specified set of
187 files, for example. See the <a href="/ftp/rsync/rsync.html">rsync man page</a>
190 <p>For a full list of changes in version 2.6.0, see the
191 <a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">release NEWS</a>.
193 <a name="security_dec03"></a>
194 <h3 style="color:red">December 2003 Security Advisory</h3>
196 <p><i style="color:#777777">December 4th, 2003</i>
200 <p>The rsync team has received evidence that a vulnerability in rsync was
201 recently used in combination with a Linux kernel vulnerability to
202 compromise the security of a public rsync server. While the forensic
203 evidence we have is incomplete, we have pieced together the most
204 likely way that this attack was conducted and we are releasing this
205 advisory as a result of our investigations to date.
208 Our conclusions are that:
212 <li>rsync version 2.5.6 and earlier contains a heap overflow vulnerability that can
213 be used to remotely run arbitrary code.
215 <li>While this heap overflow vulnerability could not be used by itself
216 to obtain root access on a rsync server, it could be used in
217 combination with the recently announced brk vulnerability in the
218 Linux kernel to produce a full remote compromise.
220 <li>The server that was compromised was using a non-default rsyncd.conf
221 option <tt>"use chroot = no"</tt>. The use of this option made the attack on
222 the compromised server considerably easier. A successful attack is
223 almost certainly still possible without this option, but it would
224 be much more difficult.
228 Please note that this vulnerability only affects the use of rsync as a
229 "rsync server". To see if you are running a rsync server you should
230 use the netstat command to see if you are listening on TCP port
231 873. If you are not listening on TCP port 873 then you are not running
234 <h4>New rsync release</h4>
237 In response we have released a new version of rsync, version
238 2.5.7. This is based on the current stable 2.5.6 release with only the
239 changes necessary to prevent this heap overflow vulnerability. There
240 are no new features in this release.
242 We recommend that anyone running a rsync server take the following
246 Update to (at least) rsync version 2.5.7 immediately.
248 If you are running a Linux kernel prior to version 2.4.23 then
249 you should upgrade your kernel immediately. Note that some
250 distribution vendors may have patched versions of the 2.4.x
251 series kernel that fix the brk vulnerability in versions before
252 2.4.23. Check with your vendor security site to ensure that you
253 are not vulnerable to the <tt>brk</tt> problem.
255 Review your <tt>/etc/rsyncd.conf</tt> configuration file. If you are
256 using the option <tt>"use chroot = no"</tt> then remove that line or
257 change it to <tt>"use chroot = yes"</tt>. If you find that you need that
258 option for your rsync service then you should disable your rsync
259 service until you have discussed a workaround with the rsync
260 maintainers on the rsync mailing list. The disabling of the
261 chroot option should not be needed for any normal rsync server.
264 <p>The patches and full source for rsync version 2.5.7 are available from
265 <a href="http://rsync.samba.org/">http://rsync.samba.org/</a> and mirror sites. We expect that vendors will
266 produce updated packages for their distributions shortly.
271 The rsync team would like to thank the following individuals for their
272 assistance in investigating this vulnerability and producing this
276 <li>Timo Sirainen <tss.iki.fi>
277 <li>Mike Warfield <mhw.wittsend.com>
278 <li>Paul Russell <rusty.samba.org>
279 <li>Andrea Barisani <lcars.gentoo.org>
283 The Common Vulnerabilities and Exposures project (cve.mitre.org) has
285 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962">CAN-2003-0962</a>
293 <!--#include virtual="footer.html" -->