rsync buffer overflow issue
The receive_xattr() function creates a buffer by adding two integer
variables together without verifying the resultant sum hasn't caused
an integer overflow.
The fix, which is a patch of a patch is here:
Only the last few lines matter for this patch, the rest is the result
of making a minor modification in a patch.
This issue also affects FC4