[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
This bug was fixed in the package deja-dup - 37.1-2fakesync1ubuntu0.2 --- deja-dup (37.1-2fakesync1ubuntu0.2) bionic; urgency=medium * debian/patches/invalid_password_handling.patch: - handle correctly when an invalid password is entered (lp: #918489) -- Sebastien Bacher Thu, 25 Nov 2021 17:53:50 +0100 ** Changed in: deja-dup (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
I tested this and it worked! - Made an initial backup, not saving password. - Backed up again, changing the password. With the old version, I got an error at "verify the backup" step. But the backup files did end up being written with the wrong password. With the new version, it did not accept the wrong password and re- prompted me for the password (correct behavior). Thank you for uploading the fix! ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
From a quick glance at the code, Xenial doesn't look fixed to me. Bionic has the issue and so the SRU for Bionic is correct. Focal has the issue fixed. Since Xenial is past the end of standard support I expect it won't be fixed for this issue anyway, but I'm just noting that the bug status may be wrong. ** Tags added: verification-needed verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
** Changed in: deja-dup (Ubuntu Bionic) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
Upstream closed the duplicity task without details so let's assume it's fixed in the current version and Ubuntu serie ** Changed in: duplicity (Ubuntu Yakkety) Status: Confirmed => Won't Fix ** Changed in: duplicity (Ubuntu) Status: Triaged => Fix Released ** Changed in: deja-dup (Ubuntu Bionic) Importance: Undecided => High ** Changed in: deja-dup (Ubuntu Bionic) Status: New => Triaged ** Changed in: duplicity (Ubuntu Trusty) Status: Confirmed => Won't Fix ** Changed in: duplicity (Ubuntu Xenial) Status: Confirmed => Won't Fix ** Changed in: duplicity (Ubuntu Bionic) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
It escaped my attention at the time, but Ubuntu 18.04 released with both a version of duplicity that shows the new incremental-backups-also-have- this-issue behavior (see my comment 22) and a release of deja-dup that wasn't yet fixed to avoid it. Which means that deja-dup in Ubuntu 18.04 is still affected by this bug (for incremental backups). These two commits landed in deja-dup 39.1 and should work around it, if someone wanted to patch deja-dup in 18.04 (I've opened a target for bionic for this bug): https://gitlab.gnome.org/World/deja-dup/-/commit/4f325940dae7fc259b4be70fccec40c94617f4d4 https://gitlab.gnome.org/World/deja-dup/-/commit/135f4c83774b6dafe194236f99f1405f45032498 For users, you can also install the snap version of deja-dup to avoid this as well. ** Also affects: duplicity (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: deja-dup (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
** Changed in: duplicity Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
IMHO: A backup software that has a "problem when restoring" is completely worthless, not "another issue". If you are doing an encrypted backup and somebody gets access to your passphrase, the safe thing to do is create a completely new backup with a new passphrase, and wipe (and destroy) all existing backup copies, caches and everything else ASAP since it's basically an unencrypted backup. Just IMHO. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
Although comment 22 is IMHO a duplicity bug, the fact that you can do a full backup with a new passphrase is, for me, a feature. If somebody had access to your passphrase, the safe thing to do is to rotate it, do a full backup, and stick with the new one from there onwards. There's a problem restoring, but that's another issue. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 918489] Re: duplicity allows a new, different passphrase if an archive cache exists
** Changed in: duplicity Status: New => Confirmed ** Changed in: duplicity (Ubuntu) Importance: Undecided => High ** Changed in: duplicity (Ubuntu) Status: Confirmed => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918489 Title: duplicity allows a new, different passphrase if an archive cache exists To manage notifications about this bug go to: https://bugs.launchpad.net/deja-dup/+bug/918489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs