The branch, master has been updated via 81ff413 Make the checksum_seed a bit harder to predict. from eac8580 Add compat flag to allow proper seed checksum order. Fixes the equivalent of librsync's CVE-2014-8242 issue.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 81ff413bb0d04bdccfdee82c32a76d26b5d08434 Author: Wayne Davison <way...@samba.org> Date: Mon May 11 14:31:07 2015 -0700 Make the checksum_seed a bit harder to predict. ----------------------------------------------------------------------- Summary of changes: compat.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/compat.c b/compat.c index f89d466..1df1db8 100644 --- a/compat.c +++ b/compat.c @@ -333,7 +333,7 @@ void setup_protocol(int f_out,int f_in) if (am_server) { if (!checksum_seed) - checksum_seed = time(NULL); + checksum_seed = time(NULL) ^ (getpid() << 6); write_int(f_out, checksum_seed); } else { checksum_seed = read_int(f_in); -- The rsync repository. _______________________________________________ rsync-cvs mailing list rsync-cvs@lists.samba.org https://lists.samba.org/mailman/listinfo/rsync-cvs