|
| 1 | +# NEWS for rsync 3.4.3 (UNRELEASED) |
| 2 | + |
| 3 | +## Changes in this version: |
| 4 | + |
| 5 | +### BUG FIXES: |
| 6 | + |
| 7 | +- Fixed a regression introduced by the 3.4.0 secure_relative_open() |
| 8 | + CVE fix where legitimate directory symlinks on the receiver side |
| 9 | + (e.g. when using `-K` / `--copy-dirlinks`) caused "failed |
| 10 | + verification -- update discarded" errors on delta transfers. The |
| 11 | + old code rejected every symlink in the path with a per-component |
| 12 | + `O_NOFOLLOW` walk; the receiver now uses kernel-enforced "stay |
| 13 | + below dirfd" path resolution where available. Fixes #715. |
| 14 | + |
| 15 | +### PORTABILITY / BUILD: |
| 16 | + |
| 17 | +- secure_relative_open() now uses `openat2(RESOLVE_BENEATH | |
| 18 | + RESOLVE_NO_MAGICLINKS)` on Linux 5.6+, and `openat()` with |
| 19 | + `O_RESOLVE_BENEATH` on FreeBSD 13+ and macOS 15+ (Sequoia) / |
| 20 | + iOS 18+. The kernel rejects ".." escapes, absolute symlinks, and |
| 21 | + symlinks whose target lies outside the starting directory, while |
| 22 | + still following symlinks that resolve within it -- the same |
| 23 | + trade-off that fixes the issue #715 regression without weakening |
| 24 | + the original CVE protection. Other platforms (Solaris, OpenBSD, |
| 25 | + NetBSD, Cygwin) retain the previous per-component `O_NOFOLLOW` |
| 26 | + walk; on those platforms the issue #715 regression remains |
| 27 | + visible. |
| 28 | + |
| 29 | +- testsuite/xattrs: ignore `SUNWattr_*` in the Solaris `xls` |
| 30 | + helper. |
| 31 | + |
| 32 | +### DEVELOPER RELATED: |
| 33 | + |
| 34 | +- Added testsuite/symlink-dirlink-basis.test (taken from PR #864 |
| 35 | + by Samuel Henrique) covering the issue #715 regression and |
| 36 | + several edge cases (`--backup`, `--inplace`, `--partial-dir` |
| 37 | + with protocol < 29, top-level files). The test skips on |
| 38 | + platforms without a RESOLVE_BENEATH equivalent. |
| 39 | + |
| 40 | +- runtests.py now errors early with a clear message when the test |
| 41 | + helper programs (`tls`, `trimslash`, `t_unsafe`, `wildtest`, |
| 42 | + `getgroups`, `getfsdev`) are missing, instead of letting many |
| 43 | + tests fail with confusing "not found" errors. |
| 44 | + |
| 45 | +- Added OpenBSD and NetBSD CI jobs that run `make check` on those |
| 46 | + platforms. |
| 47 | + |
| 48 | +- Added `symlink-dirlink-basis` to the Cygwin CI's expected-skipped |
| 49 | + list. |
| 50 | + |
| 51 | +- Removed the old release system (replaced by the new release |
| 52 | + script in 3.4.2). |
| 53 | + |
| 54 | +------------------------------------------------------------------------------ |
| 55 | + |
1 | 56 | # NEWS for rsync 3.4.2 (28 Apr 2026) |
2 | 57 |
|
3 | 58 | ## Changes in this version: |
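Review bot: The PORTABILITY entry's fallback list (Solaris, OpenBSD, NetBSD, Cygwin) leaves out systems below the stated minimums: Linux older than 5.6, FreeBSD older than 13, and macOS older than 15. The text does not say whether those also use the per-component `O_NOFOLLOW` walk, nor whether a binary built with `openat2` support falls back when the running kernel lacks the call. Suggest stating this explicitly and having the BUG FIXES entry point to it, since "Fixed a regression ... where available" can be read as a fix for every receiver while issue #715 "remains visible" on the fallback platforms. Naming the CVE identifier behind "the 3.4.0 secure_relative_open() CVE fix" would also help readers who track the advisory.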
@@ -4980,6 +5035,7 @@ to develop and test fixes. |
4980 | 5035 |
|
4981 | 5036 | | RELEASE DATE | VER. | DATE OF COMMIT\* | PROTOCOL | |
4982 | 5037 | |--------------|--------|------------------|-------------| |
| 5038 | +| ?? ??? 2026 | 3.4.3 | | 32 | |
4983 | 5039 | | 28 Apr 2026 | 3.4.2 | | 32 | |
4984 | 5040 | | 16 Jan 2025 | 3.4.1 | | 32 | |
4985 | 5041 | | 15 Jan 2025 | 3.4.0 | 15 Jan 2025 | 32 | |
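Review bot: The new 3.4.3 row carries the placeholder date `?? ??? 2026`, which has to be replaced in the same change that drops `(UNRELEASED)` from the 3.4.3 heading, otherwise the table and the heading will disagree at release. If the release script introduced in 3.4.2 fills in both, a short mention of that in the commit message would save a manual check.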
|