- Fixed bug numbers in spec file
- Add patch: rsync-fix-prealloc-to-keep-file-size-0-when-possible.patch (boo#1108562)
- Don't require systemd explicit, spec file can handle both cases
correct and in containers we don't have systemd [bsc#1100786].
- Use %license instead of %doc [bsc#1082318]
- Update to version 3.1.3 [bsc#1076503]:
Protocol: 31 (unchanged)
- SECURITY FIXES:
* Fixed a buffer overrun in the protocol's handling of xattr names and
ensure that the received name is null terminated.
* Fix an issue with --protect-args where the user could specify the arg
in the protected-arg list and short-circuit some of the arg-sanitizing
code.
- BUG FIXES:
* Don't output about a new backup dir without appropriate info verbosity.
* Fixed some issues with the sort functions in support/rsyncstats script.
* Added a way to specify daemon config lists (e.g. users, groups, etc)
* that contain spaces (see "auth users" in the latest rsyncd.conf manpage).
* If a backup fails (e.g. full disk) rsync exits with an error.
* Fixed a problem with a doubled --fuzzy option combined with --link-dest.
* Avoid invalid output in the summary if either the start or end time had
an error.
* We don't allow a popt alias to affect the --daemon or --server options.
* Fix daemon exclude code to disallow attribute changes in addition to
disallowing transfers.
* Don't force nanoseconds to match if a non-transferred, non-checksummed
file only passed the quick-check w/o comparing nanosecods.
- ENHANCEMENTS:
* Added the ability for rsync to compare nanosecond times in its
file-check
comparisons, and added support nanosecond times on Mac OS X.
* Added a short-option (-@) for --modify-window.
* Added the --checksum-choice=NAME[,NAME] option to choose the checksum
algorithms.
* Added hashing of xattr names (with using -X) to improve the handling of
files with large numbers of xattrs.
* Added a way to filter xattr names using include/exclude/filter rules
(see the --xattrs option in the manpage for details).
* Added "daemon chroot|uid|gid" to the daemon config (in addition to the
old chroot|uid|gid settings that affect the daemon's transfer process).
* Added "syslog tag" to the daemon configuration.
* Some manpage improvements.
- DEVELOPER RELATED:
* Tweak the "make" output when yodl isn't around to create the man pages.
* Changed an obsolete autoconf compile macro.
* Support newer yodl versions when converting man pages.
- Dropped patches fixed upstream:
* rsync-CVE-2017-16548.patch
* rsync-3.1.2-CVE-2018-5764.patch
- Refreshed patches:
* rsync-send_error_to_sender.patch
- Security fix: Ignore --protect-args when already sent by client
[bsc#1076503, CVE-2018-5764]
* Added patch rsync-3.1.2-CVE-2018-5764.patch
- Fix: Stop file upload after errors [bsc#1062063]
- Added patches:
* rsync-send_error_to_sender.patch
* rsync-avoid-uploading-after-error.patch
- Security fix [bsc#1066644, CVE-2017-16548]
* Missing trailing '\0' character check could lead to remote DoS
* Added rsync-CVE-2017-16548.patch
- Try more in supporting all scenarios bsc#1046197#c24
* rsync-both-compressions.patch
- Execute tests to ensure the basics are still working
- Refresh patch rsync-both-compressions.patch to include
fix when using old-compress on new zlib on server too
- Add patch to build with both bundled and external zlib to support
both compression methods at once bsc#1046197:
* rsync-both-compressions.patch
- We no longer need to inject the pid in post as we do not use
the iniscript relying on it
- Add socket activation service instead of the xinetd service
- Verify in services the configuration to run actually exist
- Drop sle11 support as it does not autoreconf anymore
- Drop patch system-zlib.diff that was never applied
- Switch to system popt and zlib:
* This should not cause issues now because upstream states the
underlying issue why we used the bundled one was fixed by
using more safeguarded error detection
- update to 3.1.2
- drop patches rsync-CVE-2014-9512.patch,
rsync-equivalent_of_CVE-2014-8242.patch (applied upstream)
- better disable slp by default, it doesn't seem to be used much
and it often caused problems (eg boo#898513, bsc#922710)
* set "use slp" in rsyncd.conf to enable
* modified rsync-add_back_use_slp_directive.patch
- add a compatibility flag to avoid checksum collisions (bsc#900914)
* fixes rsync equivalent of librsync's CVE-2014-8242
* added rsync-equivalent_of_CVE-2014-8242.patch
- modify rsync-add_back_use_slp_directive.patch
- reintroduce "use slp" directive (bsc#922710)
* added rsync-add_back_use_slp_directive.patch
- rsync-no-libattr.patch: Use AC_SEARCH_LIBS([getxattr], [attr])
instead of AC_CHECK_LIB(attr,getxattr) so libattr is
not injected as a dependency when glibc is enough since
several years to use getxattr.
- fix for CVE-2014-9512 (bnc#915410)
* path spoofing attack vulnerability
* added rsync-CVE-2014-9512.patch
- No longer perform gpg validation; osc source_validator does it
implicit:
+ Drop gpg-offline BuildRequires.
+ No longer execute gpg_verify.
- Do not depend on insserv if the system supports systemd; it's
useless
- update to 3.1.1
- drop rsync-CVE-2014-2855.patch (applied upstream)
- drop 0001-use-lp_num_modules-instead-of-the-removed-lp_numserv.patch
(applied upstream)
- Remove sysvinit support on distros that have systemd
- Remove libattr-devel from buildRequires, application does
not link to libattr but it picks the glibc implementation
instead.
- fix for CVE-2014-2855 (bnc#873740)
* a denial of service via CPU consumption
* added rsync-CVE-2014-2855.patch
- update to 3.1.0
* fixes bnc#845185
- don't apply drop-cache.patch (removed from upstream)
- add 0001-use-lp_num_modules-instead-of-the-removed-lp_numserv.patch
- add gpg-offline tarball checking
- add time-limit.patch from co-distributed rsync-patches as we do
on SLE (fate#312479)
- Explicitly list libattr-devel as BuildRequires
- More robust make install call. Remove redundant %clean section.
- Add Source URL, see https://en.opensuse.org/SourceUrls
- All daemons that create temporary files must have
PrivateTmp=true set in systemd unit if possible.
- Build with PIE and full RELRO
- add autoconf as buildrequire to avoid implicit dependency
- Add systemd unit
- Do not BuildRequire textlive
- Update to version 3.0.9
* Apply drop-cache patch from rsync-patches tarball, adds option
--drop-cache so rsync is drop the memory cache of files when
finished (aka. stop trashing the system)
* Fix a crash bug in checksum scanning when --inplace is used.
* Fix a memory leak in the xattr code.
* See NEWS for more detail
- fix build for SLE (spec-cleaner changes)
o makeinstall, _initddir
- updated summary (bnc#691944) and description
- update to rsync-3.0.8
- Notable changes:
- Fixed two buffer-overflow issues.
- Fixed a data-corruption issue when preserving hard-links
without preserving file ownership, and doing deletions either
before or during the transfer (CVE-2011-1097).
- Fixed a potential crash when an rsync daemon has a
filter/exclude list and the transfer is using ACLs or xattrs.
- Fixed a hang if a really large file is being processed by an
rsync that can't handle 64-bit numbers.
- For devices and special files, we now avoid gathering useless
ACL and/or xattr information for files that aren't being
copied.
- Properly handle requesting remote filenames that start with a
dash.
- Fixed a bug in the comparing of upper-case letters in file
suffixes for --skip-compress.
- If an rsync daemon has a module configured without a path
setting, rsync will now disallow access to that module.
- Some improvements to the hard-linking code to ensure that
device-number hashing is working right, and to supply more
information if the hard-link code fails.
- Fixed a bug that prevented --numeric-ids from disabling the
translation of user/group IDs for ACLs.
- The --link-dest checking for identical symlinks now avoids
considering attribute differences that cannot be changed on the
receiver.
- Fixed a bug with --fake-super when copying files and dirs that
aren't user writable.
- Fixed a bug where a sparse file could have its last sparse
block turned into a real block when rsync sets the file size
(requires ftruncate).
- Fixed the working of --force when used with --one-file-system.
- Various manpage improvements.
- run spec-cleaner
- rsyncd.rc changes:
* Do not use killproc -TERM, but just killproc, so that killproc
waits until the service is actually shut down, before attempting
to restart it (when "restart" is used). Fixes bnc#546977.
* Change the "reload" action to return "missing" because rsyncd
does not handle SIGHUP
* Adjust "force-reload" accordingly
- update to rsync-3.0.7
- Fixed a bogus free when using --xattrs with --backup.
- Avoid an error when --dry-run was trying to stat a prior hard-link
file that hasn't really been created.
- Fixed a problem with --compress (-z) where the receiving side could
return the error "inflate (token) returned -5".
- Fixed a bug where --delete-during could delete in a directory before
it noticed that the sending side sent an I/O error for that
directory (both sides of the transfer must be at least 3.0.7).
- Improved --skip-compress's error handling of bad character-sets and
got rid of a lingering debug fprintf().
- Fixed the daemon's conveyance of io_error value from the sender.
- An rsync daemon use seteuid() (when available) if it used setuid().
- Get the permissions right on a --fake-super transferred directory
that needs more owner permissions to emulate root behavior.
- An absolute-path filter rule (i.e. with a '/' modifier) no longer
loses its modifier when sending the filter rules to the remote
rsync.
- Improved the "--delete does not work without -r or -d" message.
- Improved rsync's handling of --timeout to avoid a weird timeout case
where the sender could timeout even though it has recently written
data to the socket (but hasn't read data recently, due to the
writing).
- Some misc manpage improvements.
- Fixed the chmod-temp-dir testsuite on a system without /var/tmp.
- Make sure that a timeout specified in the daemon's config is used as
a maximum timeout value when the user also specifies a timeout.
- Improved the error-exit reporting when rsync gets an error trying to
cleanup after an error: the initial error is reported.
- The AIX sysacls routines will now return ENOSYS if ENOTSUP is
missing.
- Made our (only used if missing) getaddrinfo() routine use
inet_pton() (which we also provide) instead of inet_aton().
- The exit-related debug messages now mention the program's role so it
is clear who output what message.
- spec mods
o sorted TAGS
o added missing clean section
- rpmlint
o non-conffile-in-etc /etc/sysconfig/SuSEfirewall2.d/services/rsync-server
- bump version to 3.0.6
- drop rsync-allow-slp-disable.patch (merged upstream)
- add rsync-allow-slp-disable.patch (FATE#306331)
- update to 3.0.6pre1 (bugfix release)
- noteworthy changes:
- Fixed a --read-batch hang when rsync is reading a batch file that was
created from an incremental-recursion transfer
- Fixed the daemon's socket code to handle the simultaneous arrival of
multiple connections.
- Fix --safe-links/--copy-unsafe-links to properly handle symlinks that
have consecutive slashes in the value.
- Fixed the parsing of an [IPv6_LITERAL_ADDR] when a USER@ is prefixed.
- The sender now skips a (bogus) symlink that has a 0-length value, which
avoids a transfer error in the receiver.
- Fixed a case where the sender could die with a tag-0 error if there was
an I/O during the sending of the file list.
- Fixed the rrsync script to avoid a server-side problem when -e is at the
start of the short options.
- Fixed a problem where a vanished directory could turn into an exit code
23 instead of the proper exit code 24.
- Fixed the --iconv conversion of symlinks when doing a local copy.
receiving side when a mount-point directory did not match a directory in
the transfer.
- Fixed the dropping of an ACL mask when no named ACL values were present.
- Fixed an ACL/xattr corruption issue where the --backup option could cause
rsync to associate the wrong ACL/xattr information with received files.
- Fixed the use of --xattrs with --only-write-batch.
- Fixed the use of --dry-run with --read-batch.
- Fixed a run-time issue for systems that can't find iconv_open() by adding
the --disable-iconv-open configure option.
- Complain and die if the user tries to combine --remove-source-files (or
the deprecated --remove-sent-files) with --read-batch.
- add rsync-3.0.5-doc-fix.patch (bnc#487591)
- update to 3.0.5
- initialize xattr data in a couple spots in the hlink code, which avoids a
crash when the xattr pointer's memory happens to start out non-zero
- don't send a bogus "-" option to an older server if there were no short
options specified - fixes (bnc#476379)
- fixed skipping of unneeded updates in a batch file when incremental
recursion is active
- fix the %P logfile escape when the daemon logs from inside a chroot.
- fixed the use of -s (--protect-args) when used with a remote source or
destination that had an empty path (e.g. "host:")
- fixed the use of a dot-dir path (e.g. foo/./bar) inside a --files-from
file when the root of the transfer isn't the current directory
- fixed a bug with "-K --delete" removing symlinks to directories when
incremental recursion is active
- fixed a hard to trigger hang when using --remove-source-files
- got rid of an annoying delay when accessing a daemon via a remote-shell
- properly ignore (superfluous) source args on a --read-batch command
- improved the manpage's description of the '*' wildcard to remove the
confusing "non-empty" qualifier
- fixed reverse lookups in the compatibility-library version of
getnameinfo()
- fixed a bug when using --sparse on a sparse file that has over 2GB of
consecutive sparse data
- avoid a hang when using at least 3 --verbose options on a transfer with a
client sender (which includes local copying)
- fixed a problem with --delete-delay reporting an error when it was ready
to remove a directory that was now gone
- got rid of a bunch of "warn_unused_result" compiler warnings
- if an ftruncate() on a received file fails, it now causes a partial-
transfer warning
- add SuSEfirewall2 rule (bnc#251657)
- fix build: do not run tests as they fail in chrooted environment
- update to 3.0.4
- update to stable release
- removed rsync-3.0.4pre2-xattrs-test-fix.patch
- fixed in upstream
- update to 3.0.4pre2
- Fixed the handling of a --partial-dir that cannot be created.
- Fixed a couple issues in the --fake-super handling of xattrs when the
destination files have root-level attributes (e.g. selinux values) that
a non-root copy can't affect.
- The --iconv option now converts the content of a symlink too, instead
of leaving it in the wrong character-set.
- Fixed a bug where --delete-during could delete in a directory before it
noticed that the sending side sent an I/O error for that directory.
- Fixed a crash bug in the hard-link code.
- Fixed the sending of xattr directory information when the code finds a
--link-dest or --copy-dest directory with unchanged xattrs
- Fixed deletion handling when copying a single, empty directory (with no
files) to a differently named, non-existent directory.
- too many other changes and fixes - please, see NEWS and NEWS-rsync-3.0.3
files
- specfile fixes :
- use %configure and %makeinstall macros
- use %_bindir and %sbindir macros
- removed lutimes-hack.diff (not needed anymore)
- removed rsync-patches-3.0.2.dif (fixed in upstream)
- rsyncd.rc: use Should-Start instead of X-UnitedLinux-Should-Start
- specfile fixes:
* added Should-Stop
* 'make test' moved to %check
* recommend logrotate
- update to version 3.0.2
- Fixed a potential buffer overflow in the xattr code.
- update to version 3.0.1
- Added the 'c'-flag to the itemizing of non-regular files so that the
itemized output doesn't get hidden if there were no attribute changes,
and also so that the itemizing of a --copy-links run will distinguish
between copying an identical non-regular file and the creation of a
revised version with a new value (e.g. a changed symlink referent, a
new device number, etc.).
- quite a lot of other bugfixes, please see OLDNEWS file
- update to version 3.0.0 (shortened, more details see NEWS file)
- The handling of implied directories when using --relative has changed to
send them as directories (e.g. no implied dir is ever sent as a symlink).
- Requesting a remote file-listing without specifying -r (--recursive) now
sends the -d (--dirs) option to the remote rsync rather than sending -r
along with an extra exclude of /*/*.
- In --dry-run mode, the last line of the verbose summary text is output
with a "(DRY RUN)" suffix to help remind you that no updates were made.
Similarly, --only-write-batch outputs "(BATCH ONLY)".
- A writable rsync daemon with "use chroot" disabled now defaults to a
symlink-munging behavior designed to make symlinks safer while also
allowing absolute symlinks to be stored and retrieved.
- Starting up an extra copy of an rsync daemon will not clobber the pidfile
for the running daemon -- if the pidfile exists, the new daemon will exit
with an error.
- re-applied patches from upstream kit:
- acls.diff,xattrs.diff,slp.diff
- removed patches:
- rsync-overlong.patch (upstream code cleaned up)
- lutimes-hack.diff (should not be needed any more)
- rsync-fix_fuzzy.patch (fixed upstream)
- rsync-hlink_crash.patch (upstream cleaned up)
- munge-symlinks-2.6.9.diff (integrated upstream)
- added munge-symlinks patch (#345507) CVE-2007-6199
- fix uninitialized struct sx in hlink.c:hard_link_cluster
to prevent crash when using acls (#338358)
- fix (#300526) restart will start standalone rsync if running
under xinetd
- use a pid file for rsyncd in init script so that rcrsyncd
will not show status running for an rsync started by xinetd
- insert "pid file" entry into rsyncd.conf if not present
- build parallel
- fix hardlinks accross partition
- fix abort in rsync when acls and fuzzy are used together
(#306263)
- added lutimes-hack.diff to work around a glibc bug in lutimes.c
- protect from overlong filenames (#294073) CVE-2007-4091
- make build work on older distros again.
- use builtin zlib copy again
- update to 2.6.9:
* several important bugfixes
* new features, see included NEWS file
- build against system zlib instead of own zlib copy
- build against system popt instead of own popt copy
- Use texlive for building.
- apply fix for xattr.diff from rsync mailing list
- apply patches/xattr.diff as well (fate#300565)
- fix rc script error code when there's an error in the config
file (#198406)
- added tag-3 patch from cvs (will be in 2.6.9)
to avoid aborts with "unexpected tag 3"
- update to version 2.6.8
- use slp patch as included upstream
- several bugfixes
- errors now include version number
- special files as pipes now printed as "S", no longer "D"
- escaping of unreadable chars has changed
- new --append, --min-size and --prune-empty-dirs options
- ignore testsuite failure on s390x (filesystem mtimes)
- converted neededforbuild to BuildRequires
- Don't strip binaries.
- fix problem in configure to re-enable ACLs (#128323)
- added acl-fix.patch from wayne to make testsuite pass with acls
- update to 2.6.6
- update to 2.6.5
- use acl patch as shipped in rsync/patches directory
- Glibc doesn't cache the timezone as much as it used to, so export
the TZ variable after doing chroot. [#49878]
- added libpng to neededforbuild (for tetex)
- re-register before SLP really times out
- re-worked slp.diff
do not use a timer but hook into central select call
- update to 2.6.3 final
- updated to 2.6.3-pre1, which is currently in release-testing
(and includes a security fix)
- fixing problems apparently introduced with the update to 2.6.2:
- fix from cvs to not abort trying to create already created
backup directories (#42780)
- fix from cvs to avoid crash on large trees (#42933)
- update to 2.6.2 / ported patches
- fixes a problem with non-chroot modules
- fix hostname calculation in slp registration code
- add -4 and -6 options to manpage (#36144)
- update to version 2.6.0
- update to real 2.5.7
- fix heap overflow (#33478)
- add patch for SLP support, based on Brad Hards demo implementation
- Fix quoting in configure script.
- added make test
- added acl patch, build with acl support
- don't build as root
- added stop_on_removal and restart_on_update macro calls
- use defattr
- add xinetd-config to filelist
- update to 2.5.6
- can combine ssh and daemon access
- supports URL like syntax rsync://
- IPv6 support in hosts.allow/deny
- recursive hang fixed upstream
- added xinetd-config snippet
- added logrotate config
- fix recursive hangup in server process on broken pipe
- fix comment in init script
- use BuildRoot
- added PreReqs
- Don't source /etc/rc.config in init script [Bug 17123]
- update to 2.5.5
setgroups patch removed, has been integrated
zfree patch removed, rsync has current zlib fixes
unsigned patch removed, has been integrated
- applied setgroups security fix
- applied zlib security fix
- make rsyncd a hardlink (#13041)
- added patch for segmentation fault
- corrected diff for log.c
- applied security patch for various signed/unsigned fixes
- removed START_RSYNCD
- on uninstall, call insserv to cleanup
- added rc-script and rc-config variable START_RSYNCD
if someone wants to run rsyncd standalone (w/o inetd) (#9496)
- sorted
- Work with LFS; fix spec file to not print while building.
- update to 2.4.6
- update to 2.4.4
- rsync 2.3.2, install man pages -> /usr/share/man.
- ran old prepare_spec on spec file to switch to new prepare_spec.
- update to 2.3.1
- added rsyncstats shell script
- update to 2.2.1
- added symlink /usr/sbin/rsyncd (to let it work with tcpd)
- added example configs
- update to 2.2.0
- defined _GNU_SOURCE where getopt_long is needed
- update to 2.1.0
added manpage for rsyncd.conf
- update to 1.7.4
generate tech_report.ps from tex-src
- first version for S.u.S.E. (1.6.3)