On Sat, 26 Jan 2002, Peter Billson wrote: > I just applied the security fix to rsync and now it is dumping core. > Before I report this as a bug, I thought I'd check to see if anyone else > is having trouble.
I am now receiving: Warning: unexpected read size of 0 in map_ptr This is with rsync (netbsd package) 2.3.1 (not updated) connecting with rsync (debian package) 2.3.2-1.3. (Going either way.) I never use rsync as a daemon. The rsync announcement says "Although this vulnerability is primarily important for people running rsync daemons, it is not impossible that a malicious rsync server could use it to attack a client who connects over either ssh or port 873." So does this mean that it doesn't really matter if you upgrade if you don't use a rsync daemon? (Or why would you have a "malicious" rsync server?) Jeremy C. Reed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
