Nam Nguyen:
> Here is an update for net/rsync 3.2.4 based on tj@'s diff which does the
> following:
> - move to system zlib instead of bundled zlib
This requires an explanation.
I seem to remember that rsync's bundled zlib is modified and the
bitstream it produces is incompatible with standard zlib.
Something something... -z -zz... ??
There are changes to the amd64 assembly optimizations:
* We now need --enable-md5-asm, or we'll lose the MD5 asm.
* We should try --enable-roll-simd --enable-roll-asm for the
checksum asm. (I haven't looked closely how those configure
options interact.)
In 3.2.3, the configure test for the C++ intrinsics fails
with an ld.so error...!?
> I added LOCALSTATEDIR and SYSCONFDIR throughout rsync(1) and
> rsyncd.conf(5) whenever they relate specfically to the rsync port.
Hmm. How maintainable is that? Every port update, somebody needs
to check the man pages for changes that may need tweaking.
> 2. rrsync script switches from perl to python. I propose not bothering to
> add python in RUN_DEPENDS for this optional functionality.
That's actually a notable change.
I agree that I don't want a package as basic as rsync to depend on
python.
> 3. Backport to -stable? naddy@ says rsync is not affected, but upstream
> says it might be.
> from NEWS: https://download.samba.org/pub/rsync/NEWS#SECURITY_FIXES-3.2.4
I'd say they simply merged in the fix and didn't worry whether there
is an actual vulnerability. We could do that in -stable without
pulling in the whole 3.2.4 update.
--
Christian "naddy" Weisgerber naddy@mips.inka.de
No comments:
Post a Comment