1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
6 <!--#include virtual="header.html" -->
8 <H2 align="center">Welcome to the rsync web pages</H2>
10 rsync is an <A HREF="http://www.opensource.org/">open source</A>
11 utility that provides fast incremental file transfer. rsync is freely
12 available under the <A HREF="GPL.html">GNU General Public
13 License version 2</A> and is currently being maintained by
14 <a href="http://opencoder.net/">Wayne Davison</a>.
16 <p><i>(If you're using a version of rsync older than 2.6.3, see below for some security advisories.)</i>
18 <h3>The CVS version</h3>
20 <p>I'm currently working on rsync 3.0.0, which is going to be a feature
21 release that has a number of improvements. There has already been work
22 done to lower rsync's memory use, make recursive transfers start up
23 more rapidly (due to an incremental recursive scan being added),
24 to add ACL and xattr support, and more. Upcoming changes include:
25 filename charset-conversion support, renamed-file detection, improved
26 performance for large files, and other changes yet to be decided.
28 <p><b>Note:</b> protocol 30 is still in flux, but I have just added an
29 automatic check to make sure that a pre-released version of rsync is
30 talking to a compatible rsync -- the transfer will fall back to protocol
31 29 if the two sides don't have the same idea of what protocol 30 should
32 be. This change will allow people to install a pre-release version with
33 the confidence that rsync won't fail in strange ways as the release
34 progresses. (Aside: if a newer CVS version is talking to an older CVS
35 version that does NOT have this check, you can use the --protocol=29
36 option to force them to talk in a common language.)
38 <p>See also the <a href="/ftp/unpacked/rsync/NEWS">NEWS file from CVS</a>, the
39 <a href="/ftp/rsync/nightly/rsync.html">rsync manpage from CVS</a> and the
40 <a href="/ftp/rsync/nightly/rsyncd.conf.html">rsyncd.conf manpage from CVS</a>.
42 <h3>Rsync version 2.6.9 released</h3>
44 <p><i style="color:#777777">November 6th, 2006</i>
46 <p>Rsync version 2.6.9 has been released. This is primarily a bug-fix
47 release with a few minor new features.
49 <p>You can read all about the latest improvements and bug-fixes in the
50 <a href="/ftp/rsync/rsync-2.6.9-NEWS">NEWS file</a>.
51 The latest version of each manpage is also available:
52 <a href="/ftp/rsync/rsync.html">rsync</a> and
53 <a href="/ftp/rsync/rsyncd.conf.html">rsyncd.conf</a>.
55 <p>See the <a href="download.html">download page</a> for all the ways
56 to grab the new version, or snag one of these:
57 <b><a href="/ftp/rsync/rsync-2.6.9.tar.gz">rsync-2.6.9.tar.gz</a>
58 (<a href="/ftp/rsync/rsync-2.6.9.tar.gz.asc">signature</a>),
59 <a href="/ftp/rsync/rsync-2.6.8-2.6.9.diffs.gz">rsync-2.6.8-2.6.9.diffs.gz</a>
60 (<a href="/ftp/rsync/rsync-2.6.8-2.6.9.diffs.gz.asc">signature</a>)</b>.
61 Note that the diffs do not contain updates for the "patches" dir -- grab the tar
62 file if you want the full release.
64 <h3>Rsync version 2.6.8 released</h3>
66 <p><i style="color:#777777">April 22th, 2006</i>
68 <p>Rsync version 2.6.8 has been released. This is a bug-fix release that
69 primarily addresses an exclude problem that affected the --relative option,
70 but also includes a security fix for the xattrs.diff patch (which is not an
71 official part of rsync, but some packagers include it in their release).
73 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.8-NEWS">release NEWS</a> for the
74 details of what changed since 2.6.7.
76 <h3>Rsync 2.6.7 released</h3>
78 <p><i style="color:#777777">March 11th, 2006</i>
80 <p>Rsync version 2.6.7 has been released. This release has both several new
81 features and the usual accompaniment of bug fixes.
83 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.7-NEWS">release NEWS</a> for the
84 details of what changed since 2.6.6.
86 <h3>Rsync 2.6.6 released</h3>
88 <p><i style="color:#777777">July 28th, 2005</i>
90 <p>Rsync version 2.6.6 has been released. This release is a bug-fix release
91 to handle a null-pointer bug that turned up in rsync's version of zlib
92 1.1.4 (this is not the recent zlib 1.2.2 security fix, which did not
93 affect rsync) and to squash a few other minor bugs. To deal with the
94 zlib issue, rsync has been upgraded to include zlib 1.2.3.
96 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.6-NEWS">release NEWS</a> for the
97 details of what changed since 2.6.5.
99 <h3>Rsync 2.6.5 released</h3>
101 <p><i style="color:#777777">June 1st, 2005</i>
103 <p>Rsync version 2.6.5 has been released. This release is primarily a bug-fix
104 release to squash some annoying problems that made it into the (feature-filled)
105 release of 2.6.4, plus a few minor enhancements.
107 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.5-NEWS">release NEWS</a> for the
108 details of what changed since 2.6.4.
110 <h3>Rsync 2.6.4 released</h3>
112 <p><i style="color:#777777">March 30th, 2005</i>
114 <p>Rsync version 2.6.4 has been released. This release combines quite a
115 few new features, some improved delete efficiency, and the usual array of
118 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.4-NEWS">release NEWS</a> for the
119 details of what changed since 2.6.3.
122 <h3>Rsync 2.6.3 released</h3>
124 <p><i style="color:#777777">September 30th, 2004</i>
126 <p>Rsync version 2.6.3 has been released. It contains several new features
127 and quite a few bug fixes.
129 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.3-NEWS">release NEWS</a> for the
130 details of what changed since 2.6.2.
133 <a name="security_aug04"></a>
134 <h3 style="color:red">August 2004 Security Advisory</h3>
136 <p><i style="color:#777777">August 12th, 2004</i>
138 <p>There is a path-sanitizing bug that affects daemon-mode in
139 rsync versions through version 2.6.2, but only if chroot is disabled. It
140 does NOT affect the normal send/receive filenames that specify what
141 files should be transferred (this is because these names happen to get
142 sanitized twice, and thus the second call removes any lingering leading
143 slash(es) that the first call left behind). It does affect certain
144 option paths that cause auxiliary files to be read or written.
146 <p>This bug was fixed in version 2.6.3 of rsync.
148 <p>One potential fix that doesn't require recompiling rsync is to set
149 "use chroot = true" for all the modules in the rsyncd.conf file.
152 <h3>Rsync 2.6.2 released</h3>
154 <p><i style="color:#777777">April 30th, 2004</i>
156 <p>Rsync version 2.6.2 has been released. It is a bugfix release that mainly
157 fixes <b>a bug with the --relative option (-R) in 2.6.1</b>
158 that could cause files to be transferred incorrectly. This only affected a
159 source right at the root of the filesystem, such as "/" or "/*" (if you
160 first "cd /" and then copy from ".", it would not tickle the bug).
162 <p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.2-NEWS">release NEWS</a> for the
163 details of what else was fixed.
166 <h3>Rsync 2.6.1 released</h3>
168 <p><i style="color:#777777">April 26th, 2004</i>
170 <p>Rsync version 2.6.1 has been released. It is primarily a performance
171 release that requires less memory to run, makes fewer write calls to the socket
172 (lowering the system CPU time), does less string copying (lowering the user CPU
173 time), and also reduces the amount of data that is transmitted over the wire.
174 There have also been quite a few bug fixes. See the
175 <a href="/ftp/rsync/old-versions/rsync-2.6.1-NEWS">release NEWS</a> for the full
179 <a name="security_apr04"></a>
180 <h3 style="color:red">April 2004 Security Advisory</h3>
182 <p><i style="color:#777777">April 26th, 2004</i>
184 <p>There is a security problem in all versions prior to 2.6.1 that affects only
185 people running a read/write daemon WITHOUT using chroot. If the user privs
186 that such an rsync daemon is using is anything above "nobody", you are at risk
187 of someone crafting an attack that could write a file outside of the module's
188 "path" setting (where all its files should be stored). Please either enable
189 chroot or upgrade to 2.6.1. People not running a daemon, running a read-only
190 daemon, or running a chrooted daemon are totally unaffected.
193 <h3>One Cygwin hang-problem resolved</h3>
195 <p>The problem with rsync hanging at the end of the transfer on
196 <a href="http://www.cygwin.com/">Cygwin</a> had been previously traced to a
197 signal-handling bug in their compatibility DLL. This bug appears to now be
198 fixed in DLL version 1.5.7-1, and Cygwin users are reporting that upgrading the
199 DLL removes the hang-at-end-of-transfer problem for their existing rsync executable.
200 (Note that this doesn't solve a hang that some folks see in the middle of a
201 transfer -- using daemon mode instead of ssh can work around that one.)
204 <a name="two_six"></a>
205 <h3>Rsync 2.6.0 released</h3>
207 <p><i style="color:#777777">January 1st, 2004</i>
209 <P> Two important things to note in the new release:
213 <li>The default remote shell is now "ssh" unless you tell configure you want to
214 make something else the default.
216 <li>Some bug fixes in the include/exclude code, while making things work
217 properly, have resulted in some user-visible changes for certain wildcard
218 strings. Read the BUG FIXES section in the
219 <a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">NEWS file</a> to see if
220 any of these changes apply to you.
221 (Most people should be unaffected.)
225 <p>One other item of note is that the oft-requested option "--files-from" is now
226 available. This option lets you specify a list of files to transfer, and can
227 be much more efficient than a recursive descent using include/exclude
228 statements (if you know in advance what files you want to transfer). The list
229 of files can come from either side of the connection, so it is possible for a
230 server to provide the file-list that lets someone grab a server-specified set of
231 files, for example. See the <a href="/ftp/rsync/rsync.html">rsync man page</a>
234 <p>For a full list of changes in version 2.6.0, see the
235 <a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">release NEWS</a>.
237 <a name="security_dec03"></a>
238 <h3 style="color:red">December 2003 Security Advisory</h3>
240 <p><i style="color:#777777">December 4th, 2003</i>
242 <p>Rsync version 2.5.6 and earlier contains a heap overflow vulnerability that
243 could be used to remotely run arbitrary code, but this only affects the use of
244 rsync as an "rsync daemon" (where rsync handles incoming socket connections,
245 typically on port 873).
247 <p>This bug was fixed in rsync 2.5.7.
249 <!--#include virtual="footer.html" -->