1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
6 <!--#include virtual="header.html" -->
8 <H2 align="center">Welcome to the rsync web pages</H2>
10 rsync is an <A HREF="http://www.opensource.org/">open source</A>
11 utility that provides fast incremental file transfer. rsync is freely
12 available under the <A HREF="GPL.html">GNU General Public
16 For all versions of rsync prior to 2.6.3, see the
17 <a href="#security_aug04">August 2004 security advisory</a>!
19 If you're using a version prior to 2.6.1, see the
20 <a href="#security_apr04">April 2004 security advisory</a>!
22 If you're using a version prior to 2.5.7, see the
23 <a href="#security_dec03">December 2003 security advisory</a>!
27 <h3>Rsync 2.6.4pre3 released</h3>
29 <p><i style="color:#777777">March 15th, 2005</i>
31 <p>Rsync version 2.6.4pre3 has been released. This release combines several
32 new features with some improved delete efficiency and the usual array of
33 bug fixes. Please try it out and send feedback to the mailing list!
35 <p><b>Important:</b> protocol 29 was revised in pre3 to be incompatible with
36 pre1 and pre2, so be sure to update all your pre-release test versions at the
37 same time. Rsync has code in it to detect that it is talking to an older
38 pre-release, so you should see an appropriate error if you mix incompatible
39 versions. If upgrading is not an option, use the --protocol=28 option to make
40 the programs fall-back to a protocol they have in common (this is suggested in
41 the error message that is output).
43 <p>See the <a href="/ftp/rsync/preview/rsync-2.6.4pre3-NEWS">release NEWS</a> for the
44 details of what changed since 2.6.3.
46 <p>The changes since 2.6.4pre2 are as follows:
50 <li> Some protocol changes were made: (1) simplified the data flow for the
51 generator's reporting of its basis-file choice to the receiver (because
52 simplified data flow makes deadlock prevention easier); (2) made hard-linking
53 be reported via the itemized log output; and (3) added an extra "phase" at the
54 end of the transfer for the --delay-updates processing so that it can itemize
55 any delayed hard-links. (These changes make protocol 29 incompatible with
56 earlier pre-releases, as mentioned in the "Important" note above.)
58 <li> Another change for hard-links: a cluster of hard-linked files is now
59 dealt with as soon as possible, either when we complete the update of one file
60 in the cluster, or we find an unchanged file in the cluster (the old code used
61 to do all hard-linking at the end of the transfer).
63 <li> When --max-delete=N is specified and we attempted to overflow this value,
64 we now warn at the end of the transfer and exit with error code 25. If you
65 want to know about too-many deletions prior to doing any deletes, do a check
66 run with --dry-run first.
68 <li> Fixed a potential protocol-corrupting bug in the data sent from the
69 generator to the receiver (this doesn't seem to have been easy to trigger,
72 <li> Fixed a slowdown in the name-sorting code.
74 <li> When '%i' outputs a deletion, it uses the string "*deleting" (with the
75 leading '*' being new). Also a few other minor changes to the itemized output,
76 including adding an extra character for future code to be able to report when
77 an ACL/extended-attribute changes. (See the man page for full details.)
79 <li> Fixed a glitch in the --progress output when transferring zero-length
82 <li> Fixed the over-reporting of changes to a write-protected dir.
84 <li> The --copy-dest option has made a comback into CVS now that its algorithm
85 has been improved to work just like a --link-dest with copies instead of hard
86 links (an earlier version of the code did a less efficient transfer of
87 unchanged files from the --copy-dest hierarchy).
91 <p>To build it from source, snag one of these:
92 <b><a href="/ftp/rsync/preview/rsync-2.6.4pre3.tar.gz">rsync-2.6.4pre3.tar.gz</a>
93 (<a href="/ftp/rsync/preview/rsync-2.6.4pre3.tar.gz.asc">signature</a>),
94 <a href="/ftp/rsync/preview/rsync-2.6.4pre2-2.6.4pre3.diffs.gz">rsync-2.6.4pre2-2.6.4pre3.diffs.gz</a>
95 (<a href="/ftp/rsync/preview/rsync-2.6.4pre2-2.6.4pre3.diffs.gz.asc">signature</a>)</b>.
96 <a href="/ftp/rsync/preview/old-patches/rsync-2.6.4pre1-2.6.4pre2.diffs.gz">rsync-2.6.4pre1-2.6.4pre2.diffs.gz</a>
97 (<a href="/ftp/rsync/preview/old-patches/rsync-2.6.4pre1-2.6.4pre2.diffs.gz.asc">signature</a>)</b>.
98 <a href="/ftp/rsync/preview/old-patches/rsync-2.6.3-2.6.4pre1.diffs.gz">rsync-2.6.3-2.6.4pre1.diffs.gz</a>
99 (<a href="/ftp/rsync/preview/old-patches/rsync-2.6.3-2.6.4pre1.diffs.gz.asc">signature</a>)</b>.
100 Note that the diffs do not contain updates for the "patches" dir -- grab the tar
101 file if you want the full release.
104 <h3>Rsync 2.6.3 released</h3>
106 <p><i style="color:#777777">September 30th, 2004</i>
108 <p>Rsync version 2.6.3 has been released. It contains several new features
109 and quite a few bug fixes.
111 <p>See the <a href="/ftp/rsync/rsync-2.6.3-NEWS">release NEWS</a> for the
112 details of what changed since 2.6.2.
114 <p>See the <a href="download.html">download page</a> for all the ways
115 to grab the new version, or snag one of these:
116 <b><a href="/ftp/rsync/rsync-2.6.3.tar.gz">rsync-2.6.3.tar.gz</a>
117 (<a href="/ftp/rsync/rsync-2.6.3.tar.gz.asc">signature</a>),
118 <a href="/ftp/rsync/rsync-2.6.2-2.6.3.diffs.gz">rsync-2.6.2-2.6.3.diffs.gz</a>
119 (<a href="/ftp/rsync/rsync-2.6.2-2.6.3.diffs.gz.asc">signature</a>)</b>.
121 <a name="security_aug04"></a>
122 <h3 style="color:red">August 2004 Security Advisory</h3>
124 <p><i style="color:#777777">August 12th, 2004</i>
128 <p>There is a path-sanitizing bug that affects daemon mode in all modern
129 rsync versions through version 2.6.2, but only if chroot is disabled. It
130 does NOT affect the normal send/receive filenames that specify what
131 files should be transferred (this is because these names happen to get
132 sanitized twice, and thus the second call removes any lingering leading
133 slash(es) that the first call left behind). It does affect certain
134 option paths that cause auxilliary files to be read or written.
138 <p>The best fix is to apply this one-word patch to the sanitize_path()
142 --- orig/util.c 2004-04-27 12:59:37 -0700
143 +++ util.c 2004-08-11 23:37:27 -0700
152 /* back up sanp one level */
155 <p>This bug-fix was released in version 2.6.3 of rsync.
157 <p>One potential fix that doesn't require recompiling rsync is to set
158 "use chroot = true" for all the modules in the rsyncd.conf file.
161 <h3>Rsync 2.6.2 released</h3>
163 <p><i style="color:#777777">April 30th, 2004</i>
165 <p>Rsync version 2.6.2 has been released. It is a bugfix release that mainly
166 fixes <b>a bug with the --relative option (-R) in 2.6.1</b>
167 that could cause files to be transferred incorrectly. This only affected a
168 source right at the root of the filesystem, such as "/" or "/*" (if you
169 first "cd /" and then copy from ".", it would not tickle the bug).
171 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.2-NEWS">release NEWS</a> for the
172 details of what else was fixed.
174 <h3>Rsync 2.6.1 released</h3>
176 <p><i style="color:#777777">April 26th, 2004</i>
178 <p>Rsync version 2.6.1 has been released. It is primarily a performance
179 release that requires less memory to run, makes fewer write calls to the socket
180 (lowering the system CPU time), does less string copying (lowering the user CPU
181 time), and also reduces the amount of data that is transmitted over the wire.
182 There have also been quite a few bug fixes. See the
183 <a href="/ftp/rsync/old-versions/rsync-2.6.1-NEWS">release NEWS</a> for the full
186 <a name="security_apr04"></a>
187 <h3 style="color:red">April 2004 Security Advisory</h3>
189 <p><i style="color:#777777">April 26th, 2004</i>
191 <p>There is a security problem in all versions prior to 2.6.1 that affects only
192 people running a read/write daemon WITHOUT using chroot. If the user privs
193 that such an rsync daemon is using is anything above "nobody", you are at risk
194 of someone crafting an attack that could write a file outside of the module's
195 "path" setting (where all its files should be stored). Please either enable
196 chroot or upgrade to 2.6.1. People not running a daemon, running a read-only
197 daemon, or running a chrooted daemon are totally unaffected.
199 <h3>One Cygwin hang-problem resolved</h3>
201 <p>The problem with rsync hanging at the end of the transfer on
202 <a href="http://www.cygwin.com/">Cygwin</a> had been previously traced to a
203 signal-handling bug in their compatibility DLL. This bug appears to now be
204 fixed in DLL version 1.5.7-1, and Cygwin users are reporting that upgrading the
205 DLL removes the hang-at-end-of-transfer problem for their existing rsync executable.
206 (Note that this doesn't solve a hang that some folks see in the middle of a
207 transfer -- using daemon mode instead of ssh can work around that one.)
209 <a name="two_six"></a>
210 <h3>Rsync 2.6.0 released</h3>
212 <p><i style="color:#777777">January 1st, 2004</i>
214 <P> Two important things to note in the new release:
218 <li>The default remote shell is now "ssh" unless you tell configure you want to
219 make something else the default.
221 <li>Some bug fixes in the include/exclude code, while making things work
222 properly, have resulted in some user-visible changes for certain wildcard
223 strings. Read the BUG FIXES section in the
224 <a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">NEWS file</a> to see if
225 any of these changes apply to you.
226 (Most people should be unaffected.)
230 <p>One other item of note is that the oft-requested option "--files-from" is now
231 available. This option lets you specify a list of files to transfer, and can
232 be much more efficient than a recursive descent using include/exclude
233 statements (if you know in advance what files you want to transfer). The list
234 of files can come from either side of the connection, so it is possible for a
235 server to provide the file-list that lets someone grab a server-specified set of
236 files, for example. See the <a href="/ftp/rsync/rsync.html">rsync man page</a>
239 <p>For a full list of changes in version 2.6.0, see the
240 <a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">release NEWS</a>.
242 <a name="security_dec03"></a>
243 <h3 style="color:red">December 2003 Security Advisory</h3>
245 <p><i style="color:#777777">December 4th, 2003</i>
249 <p>The rsync team has received evidence that a vulnerability in rsync was
250 recently used in combination with a Linux kernel vulnerability to
251 compromise the security of a public rsync server. While the forensic
252 evidence we have is incomplete, we have pieced together the most
253 likely way that this attack was conducted and we are releasing this
254 advisory as a result of our investigations to date.
257 Our conclusions are that:
261 <li>rsync version 2.5.6 and earlier contains a heap overflow vulnerability that can
262 be used to remotely run arbitrary code.
264 <li>While this heap overflow vulnerability could not be used by itself
265 to obtain root access on a rsync server, it could be used in
266 combination with the recently announced brk vulnerability in the
267 Linux kernel to produce a full remote compromise.
269 <li>The server that was compromised was using a non-default rsyncd.conf
270 option <tt>"use chroot = no"</tt>. The use of this option made the attack on
271 the compromised server considerably easier. A successful attack is
272 almost certainly still possible without this option, but it would
273 be much more difficult.
277 Please note that this vulnerability only affects the use of rsync as a
278 "rsync server". To see if you are running a rsync server you should
279 use the netstat command to see if you are listening on TCP port
280 873. If you are not listening on TCP port 873 then you are not running
283 <h4>New rsync release</h4>
286 In response we have released a new version of rsync, version
287 2.5.7. This is based on the current stable 2.5.6 release with only the
288 changes necessary to prevent this heap overflow vulnerability. There
289 are no new features in this release.
291 We recommend that anyone running a rsync server take the following
295 Update to (at least) rsync version 2.5.7 immediately.
297 If you are running a Linux kernel prior to version 2.4.23 then
298 you should upgrade your kernel immediately. Note that some
299 distribution vendors may have patched versions of the 2.4.x
300 series kernel that fix the brk vulnerability in versions before
301 2.4.23. Check with your vendor security site to ensure that you
302 are not vulnerable to the <tt>brk</tt> problem.
304 Review your <tt>/etc/rsyncd.conf</tt> configuration file. If you are
305 using the option <tt>"use chroot = no"</tt> then remove that line or
306 change it to <tt>"use chroot = yes"</tt>. If you find that you need that
307 option for your rsync service then you should disable your rsync
308 service until you have discussed a workaround with the rsync
309 maintainers on the rsync mailing list. The disabling of the
310 chroot option should not be needed for any normal rsync server.
313 <p>The patches and full source for rsync version 2.5.7 are available from
314 <a href="http://rsync.samba.org/">http://rsync.samba.org/</a> and mirror sites. We expect that vendors will
315 produce updated packages for their distributions shortly.
320 The rsync team would like to thank the following individuals for their
321 assistance in investigating this vulnerability and producing this
325 <li>Timo Sirainen <tss.iki.fi>
326 <li>Mike Warfield <mhw.wittsend.com>
327 <li>Paul Russell <rusty.samba.org>
328 <li>Andrea Barisani <lcars.gentoo.org>
332 The Common Vulnerabilities and Exposures project (cve.mitre.org) has
334 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962">CAN-2003-0962</a>
342 <!--#include virtual="footer.html" -->