Hello community, here is the log from the commit of package borgbackup for openSUSE:Factory checked in at 2017-12-11 18:57:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/borgbackup (Old) and /work/SRC/openSUSE:Factory/.borgbackup.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "borgbackup" Mon Dec 11 18:57:44 2017 rev:9 rq:555920 version:1.1.3 Changes: -------- --- /work/SRC/openSUSE:Factory/borgbackup/borgbackup.changes 2017-11-15 16:55:52.204276289 +0100 +++ /work/SRC/openSUSE:Factory/.borgbackup.new/borgbackup.changes 2017-12-11 18:57:55.246509825 +0100 @@ -1,0 +2,52 @@ +Mon Dec 11 09:11:21 UTC 2017 - [email protected] + +- Update to borgbackup 1.1.3 +- Fixes: + * Security Fix for CVE-2017-15914: Incorrect implementation of access + controls allows remote users to override repository restrictions in Borg + servers. A user able to access a remote Borg SSH server is able to + circumvent access controls post-authentication. + Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x are NOT affected. + * crc32: deal with unaligned buffer, add tests - this broke borg on older ARM + CPUs that can not deal with unaligned 32bit memory accesses and raise a bus + error in such cases. the fix might also improve performance on some CPUs as + all 32bit memory accesses by the crc32 code are properly aligned now. + * mount: fixed support of --consider-part-files and do not show .borg_part_N + files by default in the mounted FUSE filesystem. + * fixed cache/repo timestamp inconsistency message, highlight that + information is obtained from security dir (deleting the cache will not + bypass this error in case the user knows this is a legitimate repo). + * borgfs: don't show sub-command in borgfs help + * create: show an error when --dry-run and --stats are used together +- New features: + * mount: added exclusion group options and paths. + Reused some code to support similar options/paths as borg extract offers - + making good use of these to only mount a smaller subset of dirs/files can + speed up mounting a lot and also will consume way less memory. + borg mount [options] repo_or_archive mountpoint path [paths...] + paths: you can just give some "root paths" (like for borg extract) to only + partially populate the FUSE filesystem. + new options: --exclude[-from], --pattern[s-from], --strip-components + * create/extract: support st_birthtime on platforms supporting it + * add "borg config" command for querying/setting/deleting config values +- Other changes: + * clean up and simplify packaging (only package committed files, + do not install .c/.h/.pyx files) + * docs: + * point out tuning options for borg create + * add instructions for using ntfsclone, zerofree + * move image backup-related FAQ entries to a new page + * clarify key aliases for borg list --format + * mention break-lock in checkpointing FAQ entry + * document sshfs rename workaround + * add FAQ about removing files from existing archives + * add FAQ about different prune policies + * usage and man page for borgfs + * clarify create --stats duration vs. wall time + * clarify encrypted key format for borg key export + * update release checklist about security fixes + * document good and problematic option placements, fix examples + * add note on using --nobsdflags to avoid speed penalty related to bsdflags + * move most of support section to www.borgbackup.org + +------------------------------------------------------------------- Old: ---- borgbackup-1.1.2.tar.gz New: ---- borgbackup-1.1.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ borgbackup.spec ++++++ --- /var/tmp/diff_new_pack.m8djut/_old 2017-12-11 18:57:56.314458958 +0100 +++ /var/tmp/diff_new_pack.m8djut/_new 2017-12-11 18:57:56.314458958 +0100 @@ -18,7 +18,7 @@ Name: borgbackup -Version: 1.1.2 +Version: 1.1.3 Release: 0 Summary: Deduplicating backup program with compression and authenticated encryption License: BSD-3-Clause ++++++ borgbackup-1.1.2.tar.gz -> borgbackup-1.1.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/borgbackup/borgbackup-1.1.2.tar.gz /work/SRC/openSUSE:Factory/.borgbackup.new/borgbackup-1.1.3.tar.gz differ: char 5, line 1
