-<!-- $Header$ -->
-<!--#include virtual="/rsync/header.html" -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+<HEAD>
+<TITLE>rsync</TITLE>
+</HEAD>
+<!--#include virtual="header.html" -->
<H2 align="center">Welcome to the rsync web pages</H2>
rsync is an <A HREF="http://www.opensource.org/">open source</A>
utility that provides fast incremental file transfer. rsync is freely
-available under the <A HREF="/rsync/GPL.html">GNU General Public
-License</A>
+available under the <A HREF="GPL.html">GNU General Public
+License version 2</A>
-<H2>Latest release announcement:</H2>
+<p><i>(If you're using a version of rsync older than 2.6.3, see below for some security advisories.)</i>
-<pre>
-<!--#include virtual="/ftp/rsync/NEWS" -->
-</pre>
+<h3>Rsync 2.6.6pre1 released</h3>
- <p>
- Download rsync <a href="http://ftp.samba.org/ftp/rsync/">here</a>.
- </p>
+<p><i style="color:#777777">July 7th, 2005</i>
-<h2>Other news</h2>
+<p>Rsync version 2.6.6pre1 has been released. This release is a preliminary
+release for trying out a zlib upgrade to version 1.2.2 plus a security fix for
+the latest security problem found in zlib. I had originally thought that this
+release was needed to fix a security problem in the zlib included in rsync, but
+it turns out that zlib 1.1.4 (which is used in 2.6.5 and earlier) is not affected
+by this latest zlib security problem.
- <ul>
- <li>2002-04-03: Cross-referenced <a
- href="/rsync/doxygen/head/files.html">rsync source code</a> produced by
- <a href="http://doxygen.org/">Doxygen</a> may now be perused on
- the web site.
- </li>
+<p>If you'd like to read about all the fixes that are in 2.6.6pre1, read the
+<a href="http://rsync.samba.org/ftp/rsync/preview/NEWS">NEWS file</a>.
- <p><li>2002-04-07: <a
- href="http://mail-archive.com/rsync@lists.samba.org/">New
- mailing-list archive</a>.
- </li>
- </ul>
+<p>You can download the pre-release version either as a tar file:
+<b><a href="/ftp/rsync/preview/rsync-2.6.6pre1.tar.gz">rsync-2.6.6pre1.tar.gz</a>
+(<a href="/ftp/rsync/preview/rsync-2.6.6pre1.tar.gz.asc">signature</a>),
+</b>or a set of diffs based on 2.6.5:<b>
+<a href="/ftp/rsync/preview/rsync-2.6.5-2.6.6pre1.diffs.gz">rsync-2.6.5-2.6.6pre1.diffs.gz</a>
+(<a href="/ftp/rsync/preview/rsync-2.6.5-2.6.6pre1.diffs.gz.asc">signature</a>)</b>.
-<!--#include virtual="/rsync/footer.html" -->
+<h3>Rsync 2.6.5 released</h3>
+
+<p><i style="color:#777777">June 1st, 2005</i>
+
+<p>Rsync version 2.6.5 has been released. This release is primarily a bug-fix
+release to squash some annoying problems that made it into the (feature-filled)
+release of 2.6.4, plus a few minor enhancements.
+
+<p>See the <a href="/ftp/rsync/NEWS">release NEWS</a> for the
+details of what changed since 2.6.4, and the
+<a href="/ftp/rsync/OLDNEWS">OLDNEWS file</a> for details of what changed
+in prior versions. You can also read the man pages for
+<a href="http://rsync.samba.org/ftp/rsync/rsync.html">rsync</a> and
+<a href="http://rsync.samba.org/ftp/rsync/rsyncd.conf.html">rsyncd.conf</a>.
+
+<p>See the <a href="download.html">download page</a> for all the ways
+to grab the new version, or snag one of these:
+<b><a href="/ftp/rsync/rsync-2.6.5.tar.gz">rsync-2.6.5.tar.gz</a>
+(<a href="/ftp/rsync/rsync-2.6.5.tar.gz.asc">signature</a>),
+<a href="/ftp/rsync/rsync-2.6.4-2.6.5.diffs.gz">rsync-2.6.4-2.6.5.diffs.gz</a>
+(<a href="/ftp/rsync/rsync-2.6.4-2.6.5.diffs.gz.asc">signature</a>)</b>.
+Note that the diffs do not contain updates for the "patches" dir -- grab the tar
+file if you want the full release.
+
+
+<h3>Rsync 2.6.4 released</h3>
+
+<p><i style="color:#777777">March 30th, 2005</i>
+
+<p>Rsync version 2.6.4 has been released. This release combines quite a
+few new features, some improved delete efficiency, and the usual array of
+bug fixes.
+
+<p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.4-NEWS">release NEWS</a> for the
+details of what changed since 2.6.3.
+
+
+<h3>Rsync 2.6.3 released</h3>
+
+<p><i style="color:#777777">September 30th, 2004</i>
+
+<p>Rsync version 2.6.3 has been released. It contains several new features
+and quite a few bug fixes.
+
+<p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.3-NEWS">release NEWS</a> for the
+details of what changed since 2.6.2.
+
+
+<a name="security_aug04"></a>
+<h3 style="color:red">August 2004 Security Advisory</h3>
+
+<p><i style="color:#777777">August 12th, 2004</i>
+
+<p>There is a path-sanitizing bug that affects daemon-mode in
+rsync versions through version 2.6.2, but only if chroot is disabled. It
+does NOT affect the normal send/receive filenames that specify what
+files should be transferred (this is because these names happen to get
+sanitized twice, and thus the second call removes any lingering leading
+slash(es) that the first call left behind). It does affect certain
+option paths that cause auxilliary files to be read or written.
+
+<p>This bug was fixed in version 2.6.3 of rsync.
+
+<p>One potential fix that doesn't require recompiling rsync is to set
+"use chroot = true" for all the modules in the rsyncd.conf file.
+
+
+<h3>Rsync 2.6.2 released</h3>
+
+<p><i style="color:#777777">April 30th, 2004</i>
+
+<p>Rsync version 2.6.2 has been released. It is a bugfix release that mainly
+fixes <b>a bug with the --relative option (-R) in 2.6.1</b>
+that could cause files to be transferred incorrectly. This only affected a
+source right at the root of the filesystem, such as "/" or "/*" (if you
+first "cd /" and then copy from ".", it would not tickle the bug).
+
+<p>See the <a href="/ftp/rsync/old-versions/rsync-2.6.2-NEWS">release NEWS</a> for the
+details of what else was fixed.
+
+
+<h3>Rsync 2.6.1 released</h3>
+
+<p><i style="color:#777777">April 26th, 2004</i>
+
+<p>Rsync version 2.6.1 has been released. It is primarily a performance
+release that requires less memory to run, makes fewer write calls to the socket
+(lowering the system CPU time), does less string copying (lowering the user CPU
+time), and also reduces the amount of data that is transmitted over the wire.
+There have also been quite a few bug fixes. See the
+<a href="/ftp/rsync/old-versions/rsync-2.6.1-NEWS">release NEWS</a> for the full
+details.
+
+
+<a name="security_apr04"></a>
+<h3 style="color:red">April 2004 Security Advisory</h3>
+
+<p><i style="color:#777777">April 26th, 2004</i>
+
+<p>There is a security problem in all versions prior to 2.6.1 that affects only
+people running a read/write daemon WITHOUT using chroot. If the user privs
+that such an rsync daemon is using is anything above "nobody", you are at risk
+of someone crafting an attack that could write a file outside of the module's
+"path" setting (where all its files should be stored). Please either enable
+chroot or upgrade to 2.6.1. People not running a daemon, running a read-only
+daemon, or running a chrooted daemon are totally unaffected.
+
+
+<h3>One Cygwin hang-problem resolved</h3>
+
+<p>The problem with rsync hanging at the end of the transfer on
+<a href="http://www.cygwin.com/">Cygwin</a> had been previously traced to a
+signal-handling bug in their compatibility DLL. This bug appears to now be
+fixed in DLL version 1.5.7-1, and Cygwin users are reporting that upgrading the
+DLL removes the hang-at-end-of-transfer problem for their existing rsync executable.
+(Note that this doesn't solve a hang that some folks see in the middle of a
+transfer -- using daemon mode instead of ssh can work around that one.)
+
+
+<a name="two_six"></a>
+<h3>Rsync 2.6.0 released</h3>
+
+<p><i style="color:#777777">January 1st, 2004</i>
+
+<P> Two important things to note in the new release:
+
+<ol>
+
+<li>The default remote shell is now "ssh" unless you tell configure you want to
+make something else the default.
+
+<li>Some bug fixes in the include/exclude code, while making things work
+properly, have resulted in some user-visible changes for certain wildcard
+strings. Read the BUG FIXES section in the
+<a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">NEWS file</a> to see if
+any of these changes apply to you.
+(Most people should be unaffected.)
+
+</ol>
+
+<p>One other item of note is that the oft-requested option "--files-from" is now
+available. This option lets you specify a list of files to transfer, and can
+be much more efficient than a recursive descent using include/exclude
+statements (if you know in advance what files you want to transfer). The list
+of files can come from either side of the connection, so it is possible for a
+server to provide the file-list that lets someone grab a server-specified set of
+files, for example. See the <a href="/ftp/rsync/rsync.html">rsync man page</a>
+for more details.
+
+<p>For a full list of changes in version 2.6.0, see the
+<a href="/ftp/rsync/old-versions/rsync-2.6.0-NEWS">release NEWS</a>.
+
+<a name="security_dec03"></a>
+<h3 style="color:red">December 2003 Security Advisory</h3>
+
+<p><i style="color:#777777">December 4th, 2003</i>
+
+<p>Rsync version 2.5.6 and earlier contains a heap overflow vulnerability that
+could be used to remotely run arbitrary code, but this only affects the use of
+rsync as an "rsync daemon" (where rsync handles incoming socket connections,
+typically on port 873).
+
+<p>This bug was fixed in rsync 2.5.7.
+
+<!--#include virtual="footer.html" -->
git.samba.org / rsync-web.git / blobdiff