./sysutils/tarsnap, Secure online backup service

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.0.39, Package name: tarsnap-1.0.39, Maintainer: pkgsrc-users

Tarsnap is a secure online backup service for BSD, Linux, OS X,
Solaris, Cygwin, and can probably be compiled on many other UNIX-like
operating systems. The Tarsnap client code provides a flexible and
powerful command-line interface which can be used directly or via
shell scripts.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 27ab43bc4fd9e838769a62a5bde61ace12ddcfdb
RMD160: 482780f031e20a1b33f5b62ef93a730bd957c4d7
Filesize: 626.063 KB

Version history: (Expand)


CVS history: (Expand)


   2017-07-29 08:19:28 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated tarsnap to 1.0.39.

Tarsnap 1.0.39 is now available.  (Yes, just 2 weeks after 1.0.38.)  This
version brings several important bug fixes:

* tarsnap 1.0.38 (but not earlier versions) would exit with an assertion
failure after successfully creating an archive containing a file with a
"last modified" time prior to January 1st, 1970.

* tarsnap 1.0.38 and earlier could crash if instructed to archive the
contents of corrupt cpio or ar archives (via the @archive directive).

* tarsnap 1.0.38 and earlier could crash if passed an invalidly encrypted
key file.
   2017-07-15 08:11:56 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated tarsnap to 1.0.38.

Tarsnap 1.0.38 is now available.  This version brings several new features
compared to tarsnap 1.0.37:

* Tarsnap now supports OpenSSL 1.1.

* tarsnap accepts an --iso-dates option, which causes times to be printed in
YYYY-MM-DD HH:MM:SS format rather than the traditional unix "ls -l" style.

* tarsnap accepts a --force-resources option to proceed with decryption of a
passphrase-encrypted key file even if it is anticipated to use an excessive
amount of memory or CPU time.  (This may be useful if tarsnap inaccurately
estimates the amount of memory your system has available.)

* tarsnap accepts an --archive-names <file> option, which reads a list of
archive names to operate on when operating in -d and --print-stats modes.
(This should make some scripts simpler; no more need to construct a command
line which has '-f' inserted before each archive name.)

Potentially (but unlikely) breaking changes in this code compared to tarsnap
1.0.37:

* tarsnap now applies the --humanize-numbers option to the "progress" \ 
output
printed by SIGINFO / SIGUSR1.  If you have scripts which send signals to
tarsnap and parse its output, they may need to be updated.

* tarsnap -v now prints 'Deleting archive "foo"' even if only one \ 
archive is
being deleted.  If you have scripts which parse the output of tarsnap -v,
they may need to be updated.

* tarsnap now prints a warning if you pass '--configfile /nosuchfile'.  If you
have scripts which rely on being able to specify nonexistent configuration
files and not get any warnings from tarsnap, they may need to be updated.
(Also, if you were doing that, I *really* want to know why.)

There are also two changes which most users should not encounter:

* tarsnap now has an --initialize-cachedir mode; this is intended for use by
the GUI.  (The cache directory will be initialized automatically in normal
usage of the tarsnap command-line utility.)

* tarsnap's configure script takes a --with-conf-no-sample option which
results in the sample tarsnap configuration file being installed as
"tarsnap.conf" rather than "tarsnap.conf.sample".  This is \ 
intended for use in
some packaging systems which have mechanisms for managing configuration files,
and should probably not be used by hand (since it will overwrite your existing
tarsnap.conf).
   2016-03-10 23:54:13 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update tarsnap to 1.0.37.

First the new release: Tarsnap 1.0.37 is now available.  This version brings
the following substantive changes compared to tarsnap 1.0.36:

 * tarsnap-key(gen|mgmt|regen) now accept a --passphrase-time option,
which specifies the duration to be spent on computing the derived keys
used for encrypting the tarsnap key file.

 * tarsnap now accepts a --keep-going option when deleting or printing
statistics about multiple archives.

 * tarsnap-keymgmt now accepts a --print-key-permissions option for
listing the permissions contained in a key file.

 * tarsnap --print-stats now accepts a --csv-file option for printing
statistics in comma-separated-value format.

 * tarsnap now accepts a --verify-config command which exits silently
after checking the configuration file(s) for syntax errors.

 * tarsnap now looks for a server named "v1-0-0-server.tarsnap.com"
instead of the historic "betatest-server.tarsnap.com" hostname.  This
should have no user-visible effect in most configurations.

 * tarsnap now correctly warns if a sparse extract fails due to hardlinks.

 * tarsnap now prints a warning if creating an empty archive.

As usual, there are also many minor build fixes, harmless bug fixes, and code
refactoring / cleanup changes.  For a full listing of changes, consult the
tarsnap git repository: https://github.com/Tarsnap/tarsnap
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2015-11-04 02:32:42 by Alistair G. Crooks | Files touched by this commit (499)
Log message:
Add SHA512 digests for distfiles for sysutils category

Problems found with existing digests:
	Package memconf distfile memconf-2.16/memconf.gz
	b6f4b736cac388dddc5070670351cf7262aba048 [recorded]
	95748686a5ad8144232f4d4abc9bf052721a196f [calculated]

Problems found locating distfiles:
	Package dc-tools: missing distfile dc-tools/abs0-dc-burn-netbsd-1.5-0-gae55ec9
	Package ipw-firmware: missing distfile ipw2100-fw-1.2.tgz
	Package iwi-firmware: missing distfile ipw2200-fw-2.3.tgz
	Package nvnet: missing distfile nvnet-netbsd-src-20050620.tgz
	Package syslog-ng: missing distfile syslog-ng-3.7.2.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-08-21 20:03:22 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.0.36.1:
OS X lacks the POSIX-mandated clock_gettime function, and tarsnap is
not using libcperciva's "support broken operating systems" compatibility
mechanism yet.  Add -DPOSIXFAIL_CLOCK_REALTIME to the build.
   2015-08-21 16:43:17 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.0.36:

1. SECURITY FIX: When constructing paths of objects being archived, a buffer
could overflow by one byte upon encountering 1024, 2048, 4096, etc. byte
paths. Theoretically this could be exploited by an unprivileged user whose
files are being archived; I do not believe it is exploitable in practice,
but I am offering a $1000 bounty for the first person who can prove me wrong:
http://www.daemonology.net/blog/2015-08 … ounty.html

2. SECURITY FIX: An attacker with a machine's write keys, or with read keys
and control of the tarsnap service, could make tarsnap allocate a large
amount of memory upon listing archives or reading an archive the attacker
created; on 32-bit machines, tarsnap can be caused to crash under the
aforementioned conditions.

3. BUG FIX: Tarsnap no longer crashes if its first DNS lookup fails.

4. BUG FIX: Tarsnap no longer exits with "Callbacks uninitialized" when
running on a dual-stack network if the first IP stack it attempts fails to
connect.

5. tarsnap now avoids opening devices nodes on linux if it is instructed to
archive /dev/.  This change may prevent "watchdog"-triggered reboots.

6. tarsnap -c --dry-run can now run without a keyfile, allowing users to
predict how much Tarsnap will cost before signing up.

7. tarsnap now has bash completion scripts.

8. tarsnap now takes a --retry-forever option.

9. tarsnap now automatically detects and uses AESNI and SSE2.

As usual, there are also many minor build fixes, harmless bug fixes, and code
refactoring / cleanup changes.  For a full listing of changes, consult the
tarsnap git repository: https://github.com/Tarsnap/tarsnap
   2014-08-21 18:02:11 by Jonathan Perkin | Files touched by this commit (1)
Log message:
Fix build on SunOS (needs explicit -lnsl).