The CVE patches weren't previously applied because they depend on the
enableCopyDevicesPatch parameter. The naming of the patches attribute in
base.nix was misleading.
The new rsync release now really fixes:
* CVE-2017-15994
* CVE-2017-16548
* CVE-2017-17433
* CVE-2017-17434
Rsync has its own patched compress function, and to be able to use the `-z` flag, it needs to use that one.
With `-zz` rsync can use an external zlib, but then it can't talk to older rsync versions.
More details at https://bugs.mageia.org/show_bug.cgi?id=13669
The rsync binary was previously built without iconv support which is needed
for utf-8 conversions on darwin. Fixes#26864.
Additionally rsync used to be built with bundled versions of zlib and popt
that were outdated. This decreases the size of the rsync binary by ~82KB.
Extract the rsync source fetching into its own expression and use that
expression to fetch the same source for rsync and rrsync.
rrsync is just copied from the support folder of rsync, no configure or build
needed. Also none of the rsync patches are needed. Only the path to rsync needs
to be patched into rrsync.
I use this feature for doing snapshot backups, which is way faster
than copying a huge files tree.
The patch is semi-official, rsync-patches is maintained by rsync
upstream itself.
The patch doesn't affect any behaviour, it only adds 1 option
so it shouldn't affect you if you don't use it.
svn path=/nixpkgs/trunk/; revision=31659