LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Handling kernel security problems

What Red Hat and Firestar agreed to

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2008-1584 (duplicity)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 7 Update: duplicity-0.4.9-1.fc7


Date:
    	      Tue, 12 Feb 2008 22:12:35 -0700


Message-ID:
    	      <200802130512.m1D5BnSq006178@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1584
2008-02-13 04:22:43
--------------------------------------------------------------------------------

Name        : duplicity
Product     : Fedora 7
Version     : 0.4.9
Release     : 1.fc7
URL         : http://www.nongnu.org/duplicity/
Summary     : Encrypted bandwidth-efficient backup using rsync algorithm
Description :
Duplicity incrementally backs up files and directory by encrypting
tar-format volumes with GnuPG and uploading them to a remote (or
local) file server. In theory many protocols for connecting to a
file server could be supported; so far ssh/scp, local file access,
rsync, ftp, HSI, WebDAV and Amazon S3 have been written.

Because duplicity uses librsync, the incremental archives are space
efficient and only record the parts of files that have changed since
the last backup. Currently duplicity supports deleted files, full
unix permissions, directories, symbolic links, fifos, device files,
but not hard links.

--------------------------------------------------------------------------------
Update Information:

WARNING: Command line syntax incompatibility!    See e.g.
https://www.redhat.com/archives/epel-devel-list/2008-Febr... for
furhter information.     - Upgrade to 0.4.9  - Duplicity discloses password in
FTP backend (CVE-2007-5201)  - Several bug and problem fixes
--------------------------------------------------------------------------------
ChangeLog:

* Sun Feb 10 2008 Robert Scheck <robert@fedoraproject.org> 0.4.9-1
- Upgrade to 0.4.9 (#293081, #431467)
* Sat Dec  8 2007 Robert Scheck <robert@fedoraproject.org> 0.4.7-1
- Upgrade to 0.4.7
* Sat Sep 15 2007 Robert Scheck <robert@fedoraproject.org> 0.4.3-1
- Upgrade to 0.4.3 (#265701)
- Updated the license tag according to the guidelines
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #293081 - CVE-2007-5201 Duplicity discloses password in FTP backend
        https://bugzilla.redhat.com/show_bug.cgi?id=293081
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update duplicity' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.