fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

11K
active users

rsync has some really serious CVEs[1], but the 3.4.0 release with the fixes has regressions[2] that will break things for people. What to do?

[1]: openwall.com/lists/oss-securit
[2]: github.com/RsyncProject/rsync/

www.openwall.comoss-security - RSYNC: 6 vulnerabilities

@ncopa "Mitigation: Disable SHA* support by compiling with
CFLAGS=-DDISABLE_SHA512_DIGEST and CFLAGS=-DDISABLE_SHA256_DIGEST."

@ncopa Probably nothing but I'm not 100% sure how negotiation works.