pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2016Q4]: pkgsrc/sysutils/py-borgbackup Pullup ticket #5184 - r...
details: https://anonhg.NetBSD.org/pkgsrc/rev/5bbd62ef46e7
branches: pkgsrc-2016Q4
changeset: 408724:5bbd62ef46e7
user: spz <spz%pkgsrc.org@localhost>
date: Sun Jan 22 18:34:51 2017 +0000
description:
Pullup ticket #5184 - requested by bsiegert
sysutils/py-borgbackup: security update
Revisions pulled up:
- sysutils/py-borgbackup/Makefile 1.11
- sysutils/py-borgbackup/distinfo 1.6
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jan 5 16:33:16 UTC 2017
Modified Files:
pkgsrc/sysutils/py-borgbackup: Makefile distinfo
Log Message:
Updated py-borgbackup to 1.0.9.
Version 1.0.9 (2016-12-20)
Security fixes:
A flaw in the cryptographic authentication scheme in Borg
allowed an attacker to spoof the manifest. See Pre-1.0.9 manifest
spoofing vulnerability above for the steps you should take.
borg check: When rebuilding the manifest (which should only be
needed very rarely) duplicate archive names would be handled
on a ?first come first serve? basis, allowing an attacker to
apparently replace archives.
Bug fixes:
borg check:
rebuild manifest if it?s corrupted
skip corrupted chunks during manifest rebuild
fix TypeError in integrity error handler, #1903, #1894
fix location parser for archives with @ char (regression
introduced in 1.0.8), #1930
fix wrong duration/timestamps if system clock jumped during a create
fix progress display not updating if system clock jumps backwards
fix checkpoint interval being incorrect if system clock jumps
Other changes:
docs:
add python3-devel as a dependency for cygwin-based installation
clarify extract is relative to current directory
FAQ: fix link to changelog
markup fixes
tests:
test_get_(cache|keys)_dir: clean env state, #1897
get back pytest?s pretty assertion failures, #1938
setup.py build_usage:
fixed build_usage not processing all commands
fixed build_usage not generating includes for debug commands
Version 1.0.9rc1 (2016-11-27)
Bug fixes:
files cache: fix determination of newest mtime in backup set
(which is used in cache cleanup and led to wrong ?A? [added]
status for unchanged files in next backup), #1860.
borg check:
fix incorrectly reporting attic 0.13 and earlier archives as corrupt
handle repo w/o objects gracefully and also bail out early if
repo is completely empty, #1815.
fix tox/pybuild in 1.0-maint
at xattr module import time, loggers are not initialized yet
New features:
borg umount <mountpoint> exposed already existing umount code
via the CLI api, so users can use it, which is more consistent
than using borg to mount and fusermount -u (or umount) to
un-mount, #1855.
implement borg create ?noatime ?noctime, fixes #1853
Other changes:
docs:
display README correctly on PyPI
improve cache / index docs, esp. files cache docs, fixes #1825
different pattern matching for ?exclude, #1779
datetime formatting examples for {now} placeholder, #1822
clarify passphrase mode attic repo upgrade, #1854
clarify ?umask usage, #1859
clarify how to choose PR target branch
clarify prune behavior for different archive contents, #1824
fix PDF issues, add logo, fix authors, headings, TOC
move security verification to support section
fix links in standalone README (:ref: tags)
add link to security contact in README
add FAQ about security
move fork differences to FAQ
add more details about resource usage
tests: skip remote tests on cygwin, #1268
travis:
allow OS X failures until the brew cask osxfuse issue is fixed
caskroom osxfuse-beta gone, it?s osxfuse now (3.5.3)
vagrant:
upgrade OSXfuse / FUSE for macOS to 3.5.3
remove llfuse from tox.ini at a central place
do not try to install llfuse on centos6
fix fuse test for darwin, #1546
add windows virtual machine with cygwin
Vagrantfile cleanup / code deduplication
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 pkgsrc/sysutils/py-borgbackup/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/sysutils/py-borgbackup/distinfo
diffstat:
sysutils/py-borgbackup/Makefile | 4 ++--
sysutils/py-borgbackup/distinfo | 10 +++++-----
2 files changed, 7 insertions(+), 7 deletions(-)
diffs (27 lines):
diff -r 25844dd2c75f -r 5bbd62ef46e7 sysutils/py-borgbackup/Makefile
--- a/sysutils/py-borgbackup/Makefile Sat Jan 21 10:52:00 2017 +0000
+++ b/sysutils/py-borgbackup/Makefile Sun Jan 22 18:34:51 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.9 2016/11/16 13:21:14 wiz Exp $
+# $NetBSD: Makefile,v 1.9.2.1 2017/01/22 18:34:51 spz Exp $
-DISTNAME= borgbackup-1.0.8
+DISTNAME= borgbackup-1.0.9
PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
CATEGORIES= sysutils
MASTER_SITES= ${MASTER_SITE_PYPI:=b/borgbackup/}
diff -r 25844dd2c75f -r 5bbd62ef46e7 sysutils/py-borgbackup/distinfo
--- a/sysutils/py-borgbackup/distinfo Sat Jan 21 10:52:00 2017 +0000
+++ b/sysutils/py-borgbackup/distinfo Sun Jan 22 18:34:51 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.5 2016/11/16 13:21:14 wiz Exp $
+$NetBSD: distinfo,v 1.5.2.1 2017/01/22 18:34:51 spz Exp $
-SHA1 (borgbackup-1.0.8.tar.gz) = 86a31f9982cbdbffbde67ce483fc02b2a1848675
-RMD160 (borgbackup-1.0.8.tar.gz) = 6525e312f10db9fad410f40b1364b0307404376d
-SHA512 (borgbackup-1.0.8.tar.gz) = 2a24b302da6cf0266c53a5efc7c1f500c3a3f290c1a49abbced981d2e252886e81b828ab092518f675a81b9865079af66ea34d035b34ebf19a86a153fff6bd45
-Size (borgbackup-1.0.8.tar.gz) = 501606 bytes
+SHA1 (borgbackup-1.0.9.tar.gz) = d98f28204d8cedaafc76f7f374784ed9aac4fd04
+RMD160 (borgbackup-1.0.9.tar.gz) = 170ff43929a8994825481767589b6cffcf97e653
+SHA512 (borgbackup-1.0.9.tar.gz) = 5623916b143a3d39cab41bc5cca82589a612035d9be0bfd0d211656a975b986bc0c04133bdd1ba44b628fffd84f2c4294530a7c37b9c874e878b77d6105ff0ad
+Size (borgbackup-1.0.9.tar.gz) = 541796 bytes
Home |
Main Index |
Thread Index |
Old Index