rsync has some really serious CVEs[1], but the 3.4.0 release with the fixes has regressions[2] that will break things for people. What to do?
[1]: https://www.openwall.com/lists/oss-security/2025/01/14/3
[2]: https://github.com/RsyncProject/rsync/issues/702
@ncopa "Mitigation: Disable SHA* support by compiling with
CFLAGS=-DDISABLE_SHA512_DIGEST and CFLAGS=-DDISABLE_SHA256_DIGEST."
@dalias what will break if I do that?
@ncopa Probably nothing but I'm not 100% sure how negotiation works.