$OpenBSD: SECURITY,v 1.3 1999/04/18 20:59:02 espie Exp $

${WRKDIR}/receiver.c
	call to mktemp (wrapper function do_mktemp) does seem to be correct.

The server makes extensive use of strlcpy/strlcat/snprintf.

rsync upto 2.3.0 has a security hole. If rsync --version is less or equal
to that, you should upgrade.
