The zlib folks have clarified that version 1.1.4 is not vulnerable to the latest zlib security problem, so all released versions of rsync are not affected by the most recent security problem that was found in version 1.2.2 (and also affects 1.2.1). So, there is now no rush to release version 2.6.6 of rsync. Instead, it can act as a trial version to ensure that upgrading the zlib version is not going to cause any problems, and I will allow a little more in the way of features to be added to rsync before releasing the final 2.6.6.
I apologize for the confusion, but I was playing it safe in case rsync was affected by this zlib vulnerability. ..wayne..
signature.asc
Description: Digital signature
_______________________________________________ rsync-announce mailing list rsync-announce@lists.samba.org https://lists.samba.org/mailman/listinfo/rsync-announce
