On Mon, Jan 27, 2020 at 03:56:07PM +0100, Moritz Buhl wrote:
> Hi ports@,
>
> The gnu licensed rsync port in it's current release is shipping with a
> few CVEs: CVE-2016-9843, CVE-2016-9842, CVE-2016-9841, CVE-2016-9840
> They all come from the zlib rsync is bundling. The OpenBSD port uses
> this
Hi ports@,
The gnu licensed rsync port in it's current release is shipping with a
few CVEs: CVE-2016-9843, CVE-2016-9842, CVE-2016-9841, CVE-2016-9840
They all come from the zlib rsync is bundling. The OpenBSD port uses
this zlib since Jun 2014 to support compression that was introduced
in rsync-
