New rsync Released to Fix Vulnerability
cshields2 writes "Today the rsync developers have released a new version that fixes an exploitable security vulnerability when running rsync as an 'rsync server.' Any server out there running rsync should check this out and upgrade if necessary. (which is every open source mirror server out there, and many mirrors themselves)"
Even so, their track record is still better than most proprietary software vendors. With OSS, at least no one is attempting a coverup - you know exactly how good or bad the software is. With proprietary software, you have to take their word for it. Not only that, but they often take months to patch known vulnerabilities; sometimes they've even threatened people who attempted to disclose these flaws to customers with fines or even jail.