|
From: | Martin Pool |
Subject: | Re: [Duplicity-talk] new librsync release |
Date: | Sat, 31 Jan 2015 07:29:12 -0800 |
Hi,OK, duplicity just got it's first bug report about this: https://bugs.launchpad.net/bugs/1416344What this upgrade means is that a signature goes from 16 bytes to 32 bytes, and while the old sig files can be read, they can no longer be written.
To me, this fix implies a major version change since it will be a major format change and a doubling of the already large sig file. I'm thinking this should be staged along with the split signature files and targeted to version 0,8 of duplicity. There may be other concerns that I'm missing.
Thoughts?...KenOn Fri, Jan 23, 2015 at 10:43 AM, Martin Pool <address@hidden> wrote:_______________________________________________Hi,I've just made a new librsync release <https://github.com/librsync/librsync/releases/tag/v1.0.0>.This includes a fix for a security bug reported by therealmik that's relevant to Duplicity, <https://github.com/librsync/librsync/issues/5>.Unfortunately the fix for this necessitates a change in signature file format, so probably also a new version of the Duplicity archive format. librsync can read the old format but writing it is deprecated.Regards,--Martin
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
_______________________________________________
Duplicity-talk mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/duplicity-talk
[Prev in Thread] | Current Thread | [Next in Thread] |