[SECURITY] Fedora 8 Update: duplicity-0.4.9-1.fc8

updates at fedoraproject.org updates at fedoraproject.org
Wed Feb 13 05:00:03 UTC 2008 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1521
2008-02-13 04:17:03
--------------------------------------------------------------------------------

Name        : duplicity
Product     : Fedora 8
Version     : 0.4.9
Release     : 1.fc8
URL         : http://www.nongnu.org/duplicity/
Summary     : Encrypted bandwidth-efficient backup using rsync algorithm
Description :
Duplicity incrementally backs up files and directory by encrypting
tar-format volumes with GnuPG and uploading them to a remote (or
local) file server. In theory many protocols for connecting to a
file server could be supported; so far ssh/scp, local file access,
rsync, ftp, HSI, WebDAV and Amazon S3 have been written.

Because duplicity uses librsync, the incremental archives are space
efficient and only record the parts of files that have changed since
the last backup. Currently duplicity supports deleted files, full
unix permissions, directories, symbolic links, fifos, device files,
but not hard links.

--------------------------------------------------------------------------------
Update Information:

WARNING: Command line syntax incompatibility!    See e.g.
https://www.redhat.com/archives/epel-devel-list/2008-February/msg00056.html for
furhter information.     - Upgrade to 0.4.9  - Duplicity discloses password in
FTP backend (CVE-2007-5201)  - Several bug and problem fixes
--------------------------------------------------------------------------------
ChangeLog:

* Sun Feb 10 2008 Robert Scheck <robert at fedoraproject.org> 0.4.9-1
- Upgrade to 0.4.9 (#293081, #431467)
* Sat Dec  8 2007 Robert Scheck <robert at fedoraproject.org> 0.4.7-1
- Upgrade to 0.4.7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #293081 - CVE-2007-5201 Duplicity discloses password in FTP backend
        https://bugzilla.redhat.com/show_bug.cgi?id=293081
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update duplicity' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list