From 76584854795b43412c834aaa164de6d6c4549f74 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 28 Apr 2026 12:54:31 +1000 Subject: [PATCH 1/2] packaging: remove support for rsync-patches --- packaging/release-rsync | 36 ------------------------------------ 1 file changed, 36 deletions(-) diff --git a/packaging/release-rsync b/packaging/release-rsync index 2d1486b8d..3abecc230 100755 --- a/packaging/release-rsync +++ b/packaging/release-rsync @@ -85,10 +85,6 @@ def main(): die('"a" must not exist in the current directory.') if os.path.lexists('b'): die('"b" must not exist in the current directory.') - if os.path.lexists('patches.gen'): - die('"patches.gen" must not exist in the current directory.') - - check_git_state(args.master_branch, True, 'patches') curversion = get_rsync_version() @@ -124,8 +120,6 @@ def main(): if not re.match(r'^del', ans, flags=re.I): die("Aborted") cmd_chk(['git', 'tag', '-d', v_ver]) - if os.path.isdir('patches/.git'): - cmd_chk(f"cd patches && git tag -d '{v_ver}'") version = re.sub(r'[-.]*pre[-.]*', 'pre', version) if 'pre' in version and not curversion.endswith('dev'): @@ -259,7 +253,6 @@ About to: cmd_run("git diff".split()) srctar_name = f"{rsync_ver}.tar.gz" - pattar_name = f"rsync-patches-{version}.tar.gz" diff_name = f"{rsync_lastver}-{version}.diffs.gz" srctar_file = os.path.join(dest, srcdir, srctar_name) pattar_file = os.path.join(dest, srcdir, pattar_name) @@ -273,8 +266,6 @@ About to: - git commit all changes - run a full build, ensuring that the manpages & configure.sh are up-to-date - merge the {args.master_branch} branch into the patch/{args.master_branch}/* branches - - update the files in the "patches" dir and OPTIONALLY (if you type 'y') to - run patch-update with the --make option (which opens a shell on error) """) ans = input(" ") 
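Review bot: Deleting `check_git_state(args.master_branch, True, 'patches')` in the hunk at -85 removes the whole pre-flight check, not only its `'patches'` part. The helper is defined outside this patch, but its first two arguments suggest it also verifies that the main checkout is on the expected branch and clean. If so, the script would now go on to tag, sign and tar whatever state the working tree is in. I would keep the call without the extra directory, e.g. `check_git_state(args.master_branch, True)`, assuming the third parameter is optional. main() starts and ends outside the hunk.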
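Review bot: The hunk at -259 deletes the assignment `pattar_name = f"rsync-patches-{version}.tar.gz"` but keeps the context line `pattar_file = os.path.join(dest, srcdir, pattar_name)` two lines below it. Unless `pattar_name` is bound somewhere outside the visible hunks, main() will raise NameError there, before any release file is built. The last hunk of this patch removes the only visible use of `pattar_file`, so that line should be deleted too. The surrounding statements continue outside the hunk.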
@@ -289,20 +280,10 @@ About to: if s.returncode: die('Aborting') - print('Updating files in "patches" dir ...') - s = cmd_run(f'packaging/patch-update --branch={args.master_branch}') - if s.returncode: - die('Aborting') - if re.match(r'^y', ans, re.I): print(f'\nRunning smart-make on all "patch/{args.master_branch}/*" branches ...') cmd_run(f"packaging/patch-update --branch={args.master_branch} --skip-check --make") - if os.path.isdir('patches/.git'): - s = cmd_run(f"cd patches && git commit -a -m 'The patches for {version}.'") - if s.returncode: - die('Aborting') - print(f"""\ {dash_line} @@ -310,8 +291,6 @@ About to: - create signed tag for this release: {v_ver} - create release diffs, "{diff_name}" - create release tar, "{srctar_name}" - - generate {rsync_ver}/patches/* files - - create patches tar, "{pattar_name}" - update top-level README.md, NEWS.md, TODO, and ChangeLog - update top-level rsync*.html manpages - gpg-sign the release files @@ -327,12 +306,6 @@ About to: if 'bad passphrase' in out or 'failed' in out: die('Aborting') - if os.path.isdir('patches/.git'): - out = cmd_txt(f"cd patches && git tag -s -m 'Version {version}.' {v_ver}", capture='combined').out - print(out, end='') - if 'bad passphrase' in out or 'failed' in out: - die('Aborting') - os.environ['PATH'] = ORIGINAL_PATH # Extract the generated files from the old tar. 
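Review bot: The `if re.match(r'^y', ans, re.I):` branch kept as context in the hunk at -289 still runs `packaging/patch-update ... --skip-check --make`, but the hunk at -273 removed the only prompt text telling the operator what typing 'y' does. Either drop the branch with the rest of the patches handling, or keep one line in the "About to:" text such as `- OPTIONALLY (if you type 'y') run patch-update with the --make option`. The prompt also still lists the merge into the `patch/{args.master_branch}/*` branches; whether that step is still intended after this change is not visible here.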
@@ -354,15 +327,6 @@ About to: cmd_chk(['fakeroot', 'tar', 'czf', srctar_file, '--exclude=.github', rsync_ver]) shutil.rmtree(rsync_ver) - print(f'Updating files in "{rsync_ver}/patches" dir ...') - os.mkdir(rsync_ver, 0o755) - os.mkdir(f"{rsync_ver}/patches", 0o755) - cmd_chk(f"packaging/patch-update --skip-check --branch={args.master_branch} --gen={rsync_ver}/patches".split()) - - print(f"Creating {pattar_file} ...") - cmd_chk(['fakeroot', 'tar', 'chzf', pattar_file, rsync_ver + '/patches']) - shutil.rmtree(rsync_ver) - print(f"Updating the other files in {dest} ...") md_files = 'README.md NEWS.md INSTALL.md'.split() html_files = [ fn for fn in gen_pathnames if fn.endswith('.html') ] From 54aadf59946381b9cc9d3ab583afc2cfd503f650 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 22 Apr 2026 14:33:43 +1000 Subject: [PATCH 2/2] update NEWS.md ready for 3.4.2 --- NEWS.md | 133 +++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 132 insertions(+), 1 deletion(-) diff --git a/NEWS.md b/NEWS.md index 96608cf94..259d9afe9 100644 --- a/NEWS.md +++ b/NEWS.md 
@@ -2,9 +2,140 @@ ## Changes in this version: +### SECURITY RELATED: + +Several security-relevant defects were reported and fixed since 3.4.1. +None were assigned a CVE — rsync's fork-per-connection design scopes +the impact of each of these to the attacker's own connection, which is +equivalent to the client closing the socket itself — but they are +fixed here as a matter of hygiene and to reduce the chances of a +future exploitable combination. Many thanks to the external +researchers who reported these issues. + +- Fixed a signed integer overflow in the PROXY protocol v2 header + parser: a negative `len` field could bypass the size check and cause + a stack buffer overflow in `read_buf()`. Reported by John Walker of + ZeroPath. + +- Fixed an invalid access to the files array. Reported by Calum + Hutton of Rapid7. + +- Reject negative token values in the compressed-stream token + decoder; a negative value could cause callers to misinterpret a + missing data pointer as literal data. Reported by Will Sergeant. + +- Fixed the element count passed to the xattr `qsort()` (see + https://www.openwall.com/lists/oss-security/2026/04/16/2). + +- Fixed a buffer underflow in `clean_fname()`, and added a regression + test. + +- Fixed an uninitialized `mul_one` in the AVX2 get_checksum1 path + (undefined behaviour), and added a SIMD-checksum self-test that + cross-checks SSE2, SSSE3 and AVX2 against the C reference on both + aligned and unaligned buffers. + +- Fixed an uninitialized `buf1` on the first call to + `get_checksum2()` in the MD4 path (fixes #673). + +- Zero all new memory from internal allocations: `my_alloc()` now uses + `calloc`, and `expand_item_list()` zeros the expanded portion after + `realloc`. This gives more predictable behaviour if stale or + uninitialised memory is ever accidentally read. + ### BUG FIXES: -- ... 
+- Call `tzset()` before chroot so that log timestamps continue to + reflect the configured local timezone after the daemon chroots + (glibc needs `/etc/localtime`, which is unreachable post-chroot). + +- Use the correct time when writing to the log file. + +- Do not clear `DISPLAY` unconditionally. + +- Fixed a Y2038 bug in `syscall.c` by replacing the `Int32x32To64` + macro (which truncates its arguments to 32 bits) with a plain + 64-bit multiplication. + +- Fixed ACL ID mapping for non-root users (closes #618). + +- Fixed handling of objects with many xattrs on FreeBSD. + +- Fixed `--open-noatime` not taking effect when opening regular + files: `O_NOATIME` is now also passed to `do_open_nofollow()`, which + has been used for regular files since the CVE fix "fixed symlink + race condition in sender". + +- Ignore "directory has vanished" errors. + +- Fixed the removal of multiple leading slashes. + +- Added the missing `--dirs` long option. + +- Fixed a segfault if `poptGetContext()` returns NULL (e.g. under + OOM) by not passing NULL to `poptReadDefaultConfig()`. Reported by + Ronnie Sahlberg; found with `malloc-fail-tester`. + +- Fixed a build error on ia64 NonStop (which treats missing + prototypes as an error, not a warning). + +- Fixed a flaky hardlinks test (fixes #735). + +### ENHANCEMENTS: + +- Added multi-threaded `zstd` compression, gated by a new + `--compress-threads=N` option, with validation and man-page + coverage. + +- Documented the `temp dir` parameter in the rsyncd.conf man page + (fixes #820). + +- Improved rendering of interior dashes in long-option names in + `md-convert` (perhaps fixes #686). + +### PORTABILITY / BUILD: + +- Fixed glibc 2.43 const-preserving overloads of `strtok()`, + `strchr()` etc. by declaring the affected locals with the right + constness. Contributed by Holger Hoffstätte. + +- Converted the bundled zlib 1.2.8 from K&R-style function + definitions to ANSI prototypes, so it builds with clang 16+. 
+ +- Avoid using `bool` as an identifier; it is a keyword in C23. + +- `configure.ac`: check for xattr functions in libc first and only + fall back to `-lattr`, avoiding spurious overlinking when `-lattr` + happens to be installed. Contributed by Eli Schwartz. + +- Made the build reproducible by honouring `SOURCE_DATE_EPOCH` for + the manpage date. + +- Removed obsolete `popt/findme.c` and `popt/findme.h` that upstream + popt 1.14 folded into `popt.c` (fixes #710). Contributed by Alan + Coopersmith. + +### INTERNAL: + +- Made many module-global variables `const` so they can live in + `.rodata` and enable additional compiler optimization. + +### DEVELOPER RELATED: + +- Replaced `runtests.sh` with `runtests.py`, a Python test runner + that supports `--valgrind` (with per-process log files so valgrind + output no longer interferes with output comparisons) and + `-j/--parallel` execution for roughly a 7× speed-up on typical + hardware. + +- Added a SIMD checksum self-test and a `clean-fname-underflow` + regression test. + +- Various CI fixes for macOS and Cygwin (including adding + `simd-checksum` to the expected-skipped lists on platforms without + SIMD), and tests now run on `ubuntu-latest`. + +- removed support for the unmaintained rsync-patches archive ------------------------------------------------------------------------------