|
|
@@ -6,6 +6,46 @@ Important notes
|
|
|
|
|
|
This section provides information about security and corruption issues.
|
|
|
|
|
|
+.. _broken_validator:
|
|
|
+
|
|
|
+Pre-1.1.4 potential data corruption issue
|
|
|
+-----------------------------------------
|
|
|
+
|
|
|
+A data corruption bug was discovered in borg check --repair, see issue #3444.
|
|
|
+
|
|
|
+This is a 1.1.x regression, releases < 1.1 (e.g. 1.0.x) are not affected.
|
|
|
+
|
|
|
+To avoid data loss, you must not run borg check --repair using an unfixed version
|
|
|
+of borg 1.1.x. The first official release that has the fix is 1.1.4.
|
|
|
+
|
|
|
+Package maintainers may have applied the fix to updated packages of 1.1.x (x<4)
|
|
|
+though, see the package maintainer's package changelog to make sure.
|
|
|
+
|
|
|
+If you never had missing item metadata chunks, the bug has not affected you
|
|
|
+even if you did run borg check --repair with an unfixed version.
|
|
|
+
|
|
|
+When borg check --repair tried to repair corrupt archives that miss item metadata
|
|
|
+chunks, the resync to valid metadata in still present item metadata chunks
|
|
|
+malfunctioned. This was due to a broken validator that considered all (even valid)
|
|
|
+item metadata as invalid. As they were considered invalid, borg discarded them.
|
|
|
+Practically, that means the affected files, directories or other fs objects were
|
|
|
+discarded from the archive.
|
|
|
+
|
|
|
+Due to the malfunction, the process was extremely slow, but if you let it
|
|
|
+complete, borg would have created a "repaired" archive that has lost a lot of items.
|
|
|
+If you interrupted borg check --repair because it was so strangely slow (killing
|
|
|
+borg somehow, e.g. Ctrl-C) the transaction was rolled back and no corruption occurred.
|
|
|
+
|
|
|
+The log message indicating the precondition for the bug triggering looks like:
|
|
|
+
|
|
|
+ item metadata chunk missing [chunk: 001056_bdee87d...a3e50d]
|
|
|
+
|
|
|
+If you never had that in your borg check --repair runs, you're not affected.
|
|
|
+
|
|
|
+But if you're unsure or you actually have seen that, better check your archives.
|
|
|
+By just using "borg list repo::archive" you can see if all expected filesystem
|
|
|
+items are listed.
|
|
|
+
|
|
|
.. _tam_vuln:
|
|
|
|
|
|
Pre-1.0.9 manifest spoofing vulnerability (CVE-2016-10099)
|
|
|
@@ -131,8 +171,8 @@ The best check that everything is ok is to run a dry-run extraction::
|
|
|
Changelog
|
|
|
=========
|
|
|
|
|
|
-Version 1.1.3 (2017-11-27)
|
|
|
---------------------------
|
|
|
+Version 1.1.4 (not released yet)
|
|
|
+--------------------------------
|
|
|
|
|
|
Compatibility notes:
|
|
|
|
|
|
@@ -150,6 +190,51 @@ Compatibility notes:
|
|
|
You can avoid the one-time slowdown by using the pre-1.1.0rc4-compatible
|
|
|
mode (but that is less safe for detecting changed files than the default).
|
|
|
See the --files-cache docs for details.
|
|
|
+- borg 1.1.4 changes:
|
|
|
+
|
|
|
+ - zstd compression is new in borg 1.1.4, older borg can't handle it.
|
|
|
+ - new minimum requirements for the compression libraries - if the required
|
|
|
+ versions (header and lib) can't be found at build time, bundled code will
|
|
|
+ be used:
|
|
|
+
|
|
|
+ - added: libzstd >= 1.3.0 (bundled: 1.3.2)
|
|
|
+ - updated: liblz4 >= 1.7.0 / r129 (bundled: 1.8.0)
|
|
|
+
|
|
|
+Fixes:
|
|
|
+
|
|
|
+- data corruption fix: fix for borg check --repair malfunction, #3444.
|
|
|
+ See the more detailled notes close to the top of this document.
|
|
|
+- also delete security dir when deleting a repo, #3427
|
|
|
+- fix building the "borg prune" man page, #3398
|
|
|
+
|
|
|
+New features:
|
|
|
+
|
|
|
+- added zstd compression. try it!
|
|
|
+- added placeholder for fqdn in reverse notation
|
|
|
+
|
|
|
+Other changes:
|
|
|
+
|
|
|
+- list help topics when invalid topic is requested
|
|
|
+- add auto-generated docs for borg config
|
|
|
+- don't generate HTML docs page for borgfs, #3404
|
|
|
+- refactored build of the compress and crypto.low_level extensions, #3415:
|
|
|
+
|
|
|
+ - move some lib/build related code to setup_{zstd,lz4,b2}.py
|
|
|
+ - bundle lz4 1.8.0 (requirement: >= 1.7.0 / r129)
|
|
|
+ - bundle zstd 1.3.2 (requirement: >= 1.3.0)
|
|
|
+ - blake2 was already bundled
|
|
|
+ - rename BORG_LZ4_PREFIX env var to BORG_LIBLZ4_PREFIX for better consistency:
|
|
|
+ we also have BORG_LIBB2_PREFIX and BORG_LIBZSTD_PREFIX now.
|
|
|
+ - add prefer_system_lib* = True settings to setup.py - by default the build
|
|
|
+ will prefer a shared library over the bundled code, if library and headers
|
|
|
+ can be found and meet the minimum requirements.
|
|
|
+- fix lz4 deprecation warning, requires lz4 >= 1.7.0 (r129)
|
|
|
+- add parens for C preprocessor macro argument usages (did not cause malfunction)
|
|
|
+- exclude broken pytest 3.3.0 release
|
|
|
+
|
|
|
+
|
|
|
+Version 1.1.3 (2017-11-27)
|
|
|
+--------------------------
|
|
|
|
|
|
Fixes:
|
|
|
|
TW