On Sun, 2015-06-07 at 15:35 -0700, David Rothenberger wrote:
> I've uploaded new librsync packages, but have not created the !ready
> file. Would you please shuffle the packaging around?
Done, librsync-1.0.0 is in place now.
> I have new rdiff-backup packages ready as well; I'll upload those as
>
On 6/2/2015 2:21 PM, Yaakov Selkowitz wrote:
> Please note that both Fedora and Debian call the main package librsync
> based on upstream packaging, from which rdiff could be a subpackage.
> The different naming of this package threw me off for a while. Any
> chance we could shuffle the packaging
On 6/2/2015 2:21 PM, Yaakov Selkowitz wrote:
> David,
>
> A checksum collision vulnerability has been found in librsync (rdiff):
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1126712#c17
>
> The solution is to update librsync to 1.0.0; you may wish to consider
> the following patch as well:
>
David,
A checksum collision vulnerability has been found in librsync (rdiff):
https://bugzilla.redhat.com/show_bug.cgi?id=1126712#c17
The solution is to update librsync to 1.0.0; you may wish to consider
the following patch as well:
http://pkgs.fedoraproject.org/cgit/librsync.git/plain/librsync
