pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2016Q4]: pkgsrc/sysutils/py-borgbackup Pullup ticket #5184 - r...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/5bbd62ef46e7
branches:  pkgsrc-2016Q4
changeset: 408724:5bbd62ef46e7
user:      spz <spz%pkgsrc.org@localhost>
date:      Sun Jan 22 18:34:51 2017 +0000

description:
Pullup ticket #5184 - requested by bsiegert
sysutils/py-borgbackup: security update

Revisions pulled up:
- sysutils/py-borgbackup/Makefile                               1.11
- sysutils/py-borgbackup/distinfo                               1.6

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Thu Jan  5 16:33:16 UTC 2017

   Modified Files:
           pkgsrc/sysutils/py-borgbackup: Makefile distinfo

   Log Message:
   Updated py-borgbackup to 1.0.9.

   Version 1.0.9 (2016-12-20)

   Security fixes:

       A flaw in the cryptographic authentication scheme in Borg
       allowed an attacker to spoof the manifest. See Pre-1.0.9 manifest
       spoofing vulnerability above for the steps you should take.
       borg check: When rebuilding the manifest (which should only be
       needed very rarely) duplicate archive names would be handled
       on a ?first come first serve? basis, allowing an attacker to
       apparently replace archives.

   Bug fixes:

       borg check:
           rebuild manifest if it?s corrupted
           skip corrupted chunks during manifest rebuild
       fix TypeError in integrity error handler, #1903, #1894
       fix location parser for archives with @ char (regression
   introduced in 1.0.8), #1930
       fix wrong duration/timestamps if system clock jumped during a create
       fix progress display not updating if system clock jumps backwards
       fix checkpoint interval being incorrect if system clock jumps

   Other changes:

       docs:
           add python3-devel as a dependency for cygwin-based installation
           clarify extract is relative to current directory
           FAQ: fix link to changelog
           markup fixes
       tests:
           test_get_(cache|keys)_dir: clean env state, #1897
           get back pytest?s pretty assertion failures, #1938
       setup.py build_usage:
           fixed build_usage not processing all commands
           fixed build_usage not generating includes for debug commands

   Version 1.0.9rc1 (2016-11-27)

   Bug fixes:

       files cache: fix determination of newest mtime in backup set
       (which is used in cache cleanup and led to wrong ?A? [added]
       status for unchanged files in next backup), #1860.
       borg check:
           fix incorrectly reporting attic 0.13 and earlier archives as corrupt
           handle repo w/o objects gracefully and also bail out early if
   repo is completely empty, #1815.
       fix tox/pybuild in 1.0-maint
       at xattr module import time, loggers are not initialized yet

   New features:

       borg umount <mountpoint> exposed already existing umount code
       via the CLI api, so users can use it, which is more consistent
       than using borg to mount and fusermount -u (or umount) to
       un-mount, #1855.
       implement borg create ?noatime ?noctime, fixes #1853

   Other changes:

       docs:
           display README correctly on PyPI
           improve cache / index docs, esp. files cache docs, fixes #1825
           different pattern matching for ?exclude, #1779
           datetime formatting examples for {now} placeholder, #1822
           clarify passphrase mode attic repo upgrade, #1854
           clarify ?umask usage, #1859
           clarify how to choose PR target branch
           clarify prune behavior for different archive contents, #1824
           fix PDF issues, add logo, fix authors, headings, TOC
           move security verification to support section
           fix links in standalone README (:ref: tags)
           add link to security contact in README
           add FAQ about security
           move fork differences to FAQ
           add more details about resource usage
       tests: skip remote tests on cygwin, #1268
       travis:
           allow OS X failures until the brew cask osxfuse issue is fixed
           caskroom osxfuse-beta gone, it?s osxfuse now (3.5.3)
       vagrant:
           upgrade OSXfuse / FUSE for macOS to 3.5.3
           remove llfuse from tox.ini at a central place
           do not try to install llfuse on centos6
           fix fuse test for darwin, #1546
           add windows virtual machine with cygwin
           Vagrantfile cleanup / code deduplication


   To generate a diff of this commit:
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/sysutils/py-borgbackup/Makefile
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/sysutils/py-borgbackup/distinfo

diffstat:

 sysutils/py-borgbackup/Makefile |   4 ++--
 sysutils/py-borgbackup/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (27 lines):

diff -r 25844dd2c75f -r 5bbd62ef46e7 sysutils/py-borgbackup/Makefile
--- a/sysutils/py-borgbackup/Makefile   Sat Jan 21 10:52:00 2017 +0000
+++ b/sysutils/py-borgbackup/Makefile   Sun Jan 22 18:34:51 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.9 2016/11/16 13:21:14 wiz Exp $
+# $NetBSD: Makefile,v 1.9.2.1 2017/01/22 18:34:51 spz Exp $
 
-DISTNAME=      borgbackup-1.0.8
+DISTNAME=      borgbackup-1.0.9
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    sysutils
 MASTER_SITES=  ${MASTER_SITE_PYPI:=b/borgbackup/}
diff -r 25844dd2c75f -r 5bbd62ef46e7 sysutils/py-borgbackup/distinfo
--- a/sysutils/py-borgbackup/distinfo   Sat Jan 21 10:52:00 2017 +0000
+++ b/sysutils/py-borgbackup/distinfo   Sun Jan 22 18:34:51 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.5 2016/11/16 13:21:14 wiz Exp $
+$NetBSD: distinfo,v 1.5.2.1 2017/01/22 18:34:51 spz Exp $
 
-SHA1 (borgbackup-1.0.8.tar.gz) = 86a31f9982cbdbffbde67ce483fc02b2a1848675
-RMD160 (borgbackup-1.0.8.tar.gz) = 6525e312f10db9fad410f40b1364b0307404376d
-SHA512 (borgbackup-1.0.8.tar.gz) = 2a24b302da6cf0266c53a5efc7c1f500c3a3f290c1a49abbced981d2e252886e81b828ab092518f675a81b9865079af66ea34d035b34ebf19a86a153fff6bd45
-Size (borgbackup-1.0.8.tar.gz) = 501606 bytes
+SHA1 (borgbackup-1.0.9.tar.gz) = d98f28204d8cedaafc76f7f374784ed9aac4fd04
+RMD160 (borgbackup-1.0.9.tar.gz) = 170ff43929a8994825481767589b6cffcf97e653
+SHA512 (borgbackup-1.0.9.tar.gz) = 5623916b143a3d39cab41bc5cca82589a612035d9be0bfd0d211656a975b986bc0c04133bdd1ba44b628fffd84f2c4294530a7c37b9c874e878b77d6105ff0ad
+Size (borgbackup-1.0.9.tar.gz) = 541796 bytes



Home | Main Index | Thread Index | Old Index