Changelog for rdiffweb-2.4.9-lp155.3.1.noarch.rpm:
* Fri Sep 30 2022 shantikulkarniAATTobs
  - Update to 2.4.9
* 2.4.9 (2002-09-28) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Add Cache-Control and other security headers CVE-2022-3292
  - Enforce password policy using password-score based on zxcvbn CVE-2022-3326
* 2.4.8 (2022-09-26) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Clean-up invalid path on error page
  - Limit username field length CVE-2022-3290
  - Limit user's email field length CVE-2022-3272
  - Limit user's root directory field length CVE-2022-3295
  - Limit SSH Key title field length CVE-2022-3298
* 2.4.7 (2002-09-21) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Generate a new session on login and 2FA #220 CVE-2022-3269
  - Mitigate CSRF on user's settings #221 CVE-2022-3274
* 2.4.6 (2022-09-20) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Support MarkupSafe<3 for Debian bookworm
  - Mitigate CSRF on user's notification settings #216 CVE-2022-3233
  - Mitigate CSRF on repository settings #217 CVE-2022-3267
  - Use 'Secure' Attribute with Sensitive Cookie in HTTPS Session on HTTP Error #218 CVE-2022-3174
* Sun Sep 18 2022 shantikulkarniAATTobs
  - Fix broken package due to omitted plugins
  - Update to 2.4.5
* 2.4.4 (2002-09-15) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Use X-Real-IP to identify client IP address to mitigate Brute-Force attack #213
* 2.4.3 (2022-09-14) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Mitigate CSRF in profile's SSH Keys #212
* 2.4.2 (2022-09-12) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Use 'Secure' Attribute with Sensitive Cookie in HTTPS Session. CVE-2022-3174 #209
  - Avoid leakage of the stack trace in the default error page. CVE-2022-3175 #210
  - Enforce minimum and maximum password length CVE-2022-3175 #211
* 2.4.1 (2022-09-08) This release includes a security fix. If you are using an earlier version, you should upgrade to this release immediately.
  - Add Clickjacking Defense CVE-2022-3167
  - Drop Ubuntu Hirsute & Impish (End-of-life)
* Mon Aug 08 2022 shantikulkarniAATTOBS
  - Update package to rdiffweb 2.4.0
* 2.4.0 (2022-06-21) This new release brings a lot of improvement since the last version, multiple bug fixes to make the application stable. A couple of new features to improve the overall usability and a new security feature to block a brute force attack.
  - Add RateLimit to login page and API to mitigate robots attacks #167
  - Send email notification only if email-sender option is defined to avoid raising exception in logs #176
  - Support file restore cancellation without leaving rdiffweb-restore process in state #174
  - Replace python-ldap by ldap3 a pure python implementation to avoid dependencies on sasl and ldap binaries #186
  - Refactor core module to allow better extendability and reusability #183
  - Add support for Debian Bookworm #180
  - Add support for Ubuntu Impish #175
  - Add rdiff-backup version to administration view
  - Run unit test during Debian build package
  - Refresh repository list automatically when required #188 #189
  - Fix error 500 displayed in status page #191
  - Improve repository browsing speed by minimizing the number of I/O call #192
  - Publish Docker image directly to DockerHub #144
* Thu Jan 20 2022 shantikulkarniAATTOBS
  - Update package to rdiffweb 2.3.9
* 2.3.9 (2022-01-05) Maintenance release to fix minor issues
  - Improve date parsing for backup.log to avoid printing exception in logs #170
  - Return HTTP error 403 for invalid symlink to avoid returning a misleading HTTP 500 Server Error #168
  - Show a user friendly error message when trying to create a new user with an existing username #169
  - Handle repository without last-backup date during the notification process to ensure notifications are sent #171
  - Replace CherryPy storage_type by storage_class to avoid warning in logs
  - Update code to avoid deprecation warning where applicable
  - Add Flake8 validation to improve code quality
  - Remove Ubuntu Groovy support
* 2.3.8 (2021-12-01)
  - Push all artefacts to nexus server including binaries and documentation
  - Fix Chart.js loading on Debian bullseye #164
  - Update installation steps documentation
  - Improve LDAP authentication to lookup entire directory
  - Fix usage of --ldap-add-user-default-userroot to avoid error related to wrong encoding
  - Improve authentication mechanics
  - Avoid raising an HTTP error 500 when login form receives invalid payload
  - Mitigate open redirect vulnerability in login form
* 2.3.7 (2021-10-21)
  - To avoid backward compatibility issue, revert CSRF Token validation
  - Mitigate CSRF vulnerability using cookies with SameSite=Lax
  - Mitigate CSRF vulnerability by validating the Origin header when a form is submitted
  - Improve usage of WTForm for all form validation
  - Update installation steps for debian #162
  - Build Ubuntu packages and publish them to our APT repo
* 2.3.5 (2021-10-18)
  - Mitigate CSRF vulnerability to user, ssh and repo management with CSRF Token
* 2.3.4 (2021-09-20)
  - Skip email notification if email-host configuration is not provided #157
  - Skip email notification when the new attribute value has the same value #159
  - Use LDAP mail attribute when creating new user from LDAP directory #156
* 2.3.3 (2021-09-10)
  - Provide a new theme blue to match IKUS Soft colors #158
* 2.3.2 (2021-09-07)
  - Automatically update user's repository list based on user's home directory
* 2.3.1 (2021-07-14)
  - Update default session-dir location to /var/lib/rdiffweb/session to avoid using /var/run #148 (This package changes session-dir to /var/cache/rdiffweb/session)
* Sat Sep 04 2021 shantikulkarniAATTOBS
  - Update package to rdiffweb 2.3.0
  - Add requirements: python-chartkick, python-APScheduler
  - Change session directory in rdw.conf to /var/cache
* 2.3.0 (2021-07-06)
  - Improve timezone handling to display date with local timezone using javascript #143
  - Improve charts by replacing d3js by chartkick #122
  - Replace the status view by something meaningful with chartkick #122
  - Provide Docker image with Rdiffweb `docker pull ikus060/rdiffweb` #55
  - Fix file and folder sorting #143
* 2.2.0 (2021-05-11)
  - Debian package: Add rdiff-backup as dependencies to comply with Debian packaging rules
  - Multiple other fixes to control files
  - Use debhelper-compat (= 13)
  - Run test during packaging
  - Create default folder /var/run/rdiffweb/sessions to store user session
  - Use ConfigArgParse for configuration to support configuration file, environment variables and arguments to configure rdiffweb #114
  - Fix cache in localization module
  - Add ldap-add-default-role and ldap-add-default-userroot option to define default value for role and user root when creating user from LDAP #125
  - Support PostgreSQL database by replacing our storage layer by SQLAlchemy #126
  - Fix to retrieve user quota only for valid user_root #135
  - Add option disable-ssh-keys to disable SSH Key management
  - Use absolute URL everywhere
  - Add support for X-Forward-For, X-Forward-proto and other reverse proxy header when generating absolute URL
  - Drop Debian Stretch support
  - Implement a new background scheduler using apscheduler #82
  - Use background job to send email notification to avoid blocking web page loading #47
  - Use background job to delete repository to avoid blocking web page loading #48
  - Allow deleting a specific file or folder from the history using rdiff-backup-delete #128
  - Improve support for session-dir #131
  - Add option admin-password to define administrator password for better security
  - Improve performance of repository browsing
  - Add a new view to display logs of a specific repository
  - Allow downloading the log
  - Define a default limit to graph statistics to make it display faster
  - Fix get-quota-cmd option to properly return a value
* Tue Apr 06 2021 shantikulkarniAATTOBS
  - Update package to 2.1.0
  - Add python-humanfriendly requires
* 2.0.0 (2021-01-15)
  - Debian package: Remove dh-systemd from Debian build dependencies (https://bugs.debian.org/871312we)
  - Improve Quota management: QuotaSetCmd, QuotaGetCmd and QuotaUsedCmd options could be used to customize how to set the quota for your environment.
  - Display user's quota in User View
  - Display user's quota in Admin View
  - Allow admin to update user quota from Admin View when QuotaSetCmd is defined.
  - Allow admin to define user quota using human readable value (e.g.: GiB, TiB, etc.)
  - Improve logging around quota management
  - Improve robustness when service is starting
  - Improve robustness when repository has wrong permission defined (e.g.: when some files not readable)
  - Add user id in Admin view
  - Replace UserObject(1) by the actual username in log file to improve debugging
* Sat Jan 02 2021 shantikulkarniAATTOBS
  - Updated package to 2.0.2
  - Build from gitlab source
* 2.0.0 (2020-12-04)
  - Re-implement logic to update repositories views to remove duplicates and avoid nesting repo. #107
  - Handle elapsed time of days in the graph. Thanks Nathaniel van Diepen contributions.
  - Rebrand all link to ikus-soft.com
  - Update documentation to install rdiffweb
  - Remove obsolete minify dependency
  - Drop support for python2
  - Provide null translation if translation catalogues are not found
  - Pass a LANG environment variable to rdiff-backup restore process to fix encoding issue #112
  - Remove obsolete python shebang
  - Remove execution bit (+x) on python modules
  - Provide --help and --version on rdiffweb executable
  - Improve cherrypy version detection
  - Do not update translation files (.mo) during build
* Sun Jul 26 2020 shantikulkarniAATTOBS
  - Updated package from rdiffweb 1.2.2 -> 1.5.0
  - Add dependency python-WTForms
* 1.5.0 (2020-06-24) This minor release introduces official support of rdiffweb on Debian Bullseye. It also includes some usability improvements.
  - Change formatting of Last Backup date for "Updated 3 weeks ago" to ease the readability
  - Add support for Debian Bullseye
  - Add support for Python 3.8 (#104)
  - Add warning in the users list view when a root directory is invalid (#30)
  - Add options to control search depthness (#1)
  - Print a warning in the log when the "DefaultTheme" value is not valid (#90)
* 1.4.1 (2020-06-24)
  - Change formatting of Last Backup date for "Updated 3 weeks ago" to ease the readability
  - Add support for Debian Bullseye
  - Add support for Python 3.8 (#104)
  - Add warning in the users list view when a root directory is invalid (#30)
  - Add options to control search depthness (#1)
  - Print a warning in the log when the "DefaultTheme" value is not valid (#90)
* 1.4.0 (2020-05-20)
  - Fix single repository discovery when a user's home is a rdiff-backup repository
  - [SPONSORED] Add a new setting at the user level to define the user's role. Admin, Maintainer and User. Admin are allowed to do everything. Maintainer are allowed to browse and delete repo. Users are only allowed to browse. #94
  - Add "Powered by" in the web interface footer #91
  - Display a nice error message when trying to delete admin user #93
  - Introduce usage of wtforms and flash in admin users for better form validation. #96 #97
  - Update French translation
* 1.3.2 (2020-04-23)
  - Fix lookup of executable rdiff-backup and rdiffweb-restore to search in current virtualenv first
  - Fix repository view when multiple repo path are conflicting
  - Fix logging of rdiffweb-restore subprocess
* 1.3.1 (2020-04-10)
  - Enforce password encryption by using SSHA scheme #88
* 1.3.0 (2020-04-07)
  - Restore file and folder in a subprocess to make the download start faster
  - Fix encoding of archive on Python3.6 (CentOS 7) by using PAX format
  - Add support to restore files and folders using rdiff-backup2
  - Remove obsolete dependencies pysqlite2
  - Fix issue creating duplicate entries of repository in the database
* rdiffweb-1.1.0-1:
* Update to build with python3
* Remove init and non-SuSE instructions
* Remove %clean
* Original changelog for 1.1.0 (2019-10-31):
* This release focuses on improving the admin area and building the foundation for repository access control list (ACL).
* Update documentation from PDSL web site
* Improve the navigation bar layout
* Update the login page headline
* Update jinja2 version to allow 2.10.x
* Show server log in admin area
* Reduce code smell
* Add System information in admin area
* Validate credential using local database before LDAP
* Refactoring templates macros
* Enhance user's view search bar
* Change repository URL to username/repopath
* Improve testcases
* Clean-up obsolete code
* Fix issue with capital case encoding name
* Fix compilation of less files
* Fix google font import
* 1.0.3 (2019-10-04):
* Removing the auto update repos
* 1.0.2 (2019-10-01):
* Create "admin" user if missing
* Update french translation
* 1.0.0 (2019-09-11):
* Make repository removal more robust
* Improve performance of librdiff
* Add new RESTful api
* Return the right HTTP 401 or 402 error code for authentication
* Fix bug introduce by upgrade to Jinja2 + python3
* Store ssh keys in database and disk
* Add support for theme (default, orange)
* Remove deprecated profiling code
* Add disk usage support / quota
* Add support of cherrypy v18
* Drop support of cherrypy v3.2.2
* Add wsgi entry point
* Replace the plugins architecture to ease implementation
* Numerous bug fixes
* 0.10.9 (2019-05-22):
* Better error handling when error.log file are not valid gzip file
* 0.9.5:
* Enhance NotificationPlugin to send email when user change his email address.
* Add a `limit` parameter to history page. Fix #7
* Force URL encoding ISO-8859-1 in py3 and cherrypy >= 5.5.0
* Remove funcsigs from dependencies
* Provide a tox configuration.
* Change nosetests verbosity
* Change requirement to babel >= 1.3
* Fix bug github/#65 in status.xml reported by bahamut45.
* Add path to librdiff exception.
* Upgrade cherrypy version to 3.5.0 to run around a bug.
* Fix package name python2 > python
* Add nginx config file to extras
* Update docs with nginx config.
* Remove trailing slash (/) from restore URLs
* Enable profiling when any --profile-* arguments is used.
* Replace login/logout page with a cherrypy tool.
* Allow plugin to add extra head.
* Change a bit the restore url to allow multiple kind
* Make a plugin from encoding settings.
* Make alerts messages dismissible.
* Fix notifications plugins to set max age. Fix #28
* Support remove_older by executing rdiff-backup command line.
* Reverse ordering of activate and add templates.
* Create a new JobPlugin to centralize code for fixed time execution.
* Change style of remove_older template.
* Add icons & colors to ajax form submit.
* Add `ok` icon to fontello.
* Add RemoveOlder plugin.
* Change location of javascripts. Add ajax form submit.
* Add `set_attr` and `get_attr` for repos.
* Add `attention` icons to fontello.less
* Make sure to add all `templates_content` to settings page.
* Fix locations templates to show all `templates_before_content`
* Refactor user library again to remove get_* and set_*.
* Update templates to set the right activate page.
* Make 'build_less' optional.
* Return false if resource_filename doesn't exists.
* Fix graphs browsing to `data` for python 3.
* Fix typo in default configuration comments.
* Add documentation about authentication.
* Relayout the download button in restore folder page.
* Remove useless border-bottom-right-* from login widget.
* Add text to static() assertion.
* Upgrade to basic Bootstrap 3.3.6 (default theme).
* Fix Graphs plugin to receive poppath are bytes.
* Fix poppath to read args using unquote.
* Replace Grunt by lessc. Relocated main.css.
* Serve favicon.ico using a page handler.
* Replace configuration by decorator for login page.
* Move delete repo into a plugins.
* Replace _cp_dispatch by class decorators.
* Enable Graphs plugin by default.
* Fix pages title in layout_repo.html
* Create a markdown file to hold all documentation. See pdsl-www/#63
* Compute next execution time once notifications are sent. see #3
* Add Graphs plugin. See #11
* Improve librdiff file statistics
* Add some icon to fontello
* Update layouts to support configurable nav bar.
* Make sure to log the exception shown using default error page.
* Remove obsolete `from builtins import object` from rdw_app
* Add test coverage to page_restore.
* Add Test coverage for page_prefs.
* Add test coverage for settings page.
* Change error handling in locations page. see #17
* Continue updating error handling to avoid using ValueError.
* Replace any call to _compile_error_template by an HTTPError
* Always show header name in title
* Replace default error page by a nice one. see #17
* Enhance the logging configuration. see #24
* Remove debug flag when restoring files.
* Add mail notification. see #3
* Use UserObject as current user. Add RepoObject.
* Recover plugin description. Lost when migrating plugin.
* Support repo without backup date.
* In HTML templates replace non-breaking space (\xC2\xA0) by space.
* Fix archive encoding. See pdsl/minarca#121
* Continue to enhance content-disposition. see pdsl/minarca#120
* Fix content-disposition for file and archive. See pdsl/minarca#120
* Reorganize import in filter_authentication
* Fix small encoding issue with authform redirection.
* Quick implementation of UserObject.
* Fix archiver to support python < 2.7.3
* Pipe archive creation. see #8
* Add debug signal to dump thread.
* Reorganize jinja2 template to use extends
* Fix FavIcon and HeaderLogo support.
* Disable test_gc (because it randomly fail).
* Convert Yapsy plugin into entry_point plugins.
* Fix regression - support single repository browsing
* Re-organize i18n
* Add profiling option `--profile`
* Replace deprecated warn() by warning()
* Add logging to know how long it take to restore a file.
* Add directory in Zip archive.
* Ignore encoding problem in spider repos
* Fix attrib testcases (for py3)
* Add file recursively to tar.gz.
* Update testcases.tar.gz to include a sub directory with encoding.
* Add new {% attrib %} See pdsl/rdiffweb#12
* Review all logger modulo (%) formatting. See #9
* Add log to page_admin (for debugging)
* Add integration test and make it work in py2 and py3
* Major change to support py2 and py3
* Refactor plugin ILocationsPagePlugin into ITemplateFilterPlugin.
* Convert update repos into core plugin.
* Start fixing spider repo auto refresh
* Release 0.8.1:
* Set owner for authorized_keys. pdsl/minarca#100
* refactor some code to use list comprehension syntax in librdiff
* Fix change_dates ordering. see pdsl/minarca#97
* Send logined notification at the right time.
* Add logined notification.
* Fix creation of admin user when creating database.
* Remove initscript, default config and logrotate from setup.py.
* Improve in_progress detection -- verify if PID is running
* Add msapplication meta tag (for Win8 pinning) see #57
* Support translated Welcome message.
* Add a bit of logging into page_settings.
* Fix password check unicode.
* Fix change email.
* Fix allow add user if missing.
* Fix ldap unicode vs str.
* Update default configuration. Remove obsolete UserDB option.
* Refactor RdiffApp to implement Application directly.
* Add nosetests config to setup.cfg
* Refactor user & password system
* Remove file_statistics cache replace by pure python implementation.
* Try to support 'X-Forwarded-For' header.
* Add log line when login failed.
* Add ip and username in log.
* Try to fix encoding normalization.
* Allow HTML in "WelcomeMsg". Ref #76
* Allow user to delete repository.
* Fix ssh keys plugin to create file and directory.
* Add new "settings" tabs to change encoding. Ref #52
* Refactor browsing view a bit (to introduce Settings) Ref #52 #57
* Fix issue related to SSH Prefs page not being available.
* Add ru translation received by Евгений Максимов
* Add RLock to SQLite user db.
* Add options to customize the welcome message.
* Remove setup page and auto configure rdiffweb when required.
* Provide a default info message if userprefs are not available.
* Use SQLite UserDB by default. Fix default configuration file.
* Fix ZIP operation to use ISO-8859-1 encoding for filenames. Fix #55
* Refactoring replace remove_dir() by shutil.rmtree()
* Set an error page to work around encoding in error in cherrypy.
* Add threadname to logging line.
* Correction to the temp file name generate to use a prefix.
* Use weakref in librdiff in attempt to fix memoryleak. refs #52
* Prefix temp directory with rdiffweb.
* Add itemprop=id for sshkeys.
* Change default filesize format to use GiB and not GB
* Localize some string related to password validation.
* Don't check SSH key length in autorizedkeys. Use Crypto to get key length. Correct field name in template: comment -> title.
* Add email validation
* Add SSH Keys plugin to manage authorized_keys
* Set cherrypy max_request_body_size to 2MiB to increase security.
* Create a CurrentUser object to lazy load data about current user. Refactor the preferences page to use plugins architecture.
* Dump memory when receiving SIGUSR2.
* Add 'START' and 'STOP' log line to clearly identify startup.
* Remove obsolete https filter.
* Add microdata to plugin page.
* Remove hardcoded version. Get it from package info.
* Move forward a plugin architecture. First implementation include UserDB plugins: LDAP and SQLite. MySQL is on the way.
* Correct librdiff to avoid encoding problem during logging.
* Correct i18n to fallback when translation is not available to current request/response.
* Correct basic auth (for RSS feed).
* Cache configuration setting. Use unicode string in every module.
* Remove ref url from readme file.
* v.0.7.0:
* Enhance repository view. Reduce item size. Include number of repos in title.
* Change logrotate configuration to copytruncate the file.
* Correction to init script. Use >> instead of > to write log file.
* Upgrade Bootstrap to 3.3.4. Align dropdown menu in xs. Fix #43
* Align the "delete" buttons. Fix #42
* Hide "Signed in as..." for xs and sm. Fix #41
* Change the navigation layout to avoid showing bootstrap menu button in login page. Fix #40
* Fix LDAP TLS.
* Change filter setup to redirect users to setup page if no user in database.
* Avoid replacing configuration file rdw.conf.
* Include a logrotate configuration to setup.py
* Declare license information in setup.py
* Fix init script. Fix problem related to logs, background process.
* Remove userdb cache. Ref #38
* Add python-babel to list of dependencies to compile the translation.
* Translate rdiffweb to french. Provide translation based on browser accepted language.
* Set rdiffweb branding
* Update login page format
* Support symbolic link by showing the target directory content. Fix #30
* Fix tempdir encoding.
* Update init script to fix some issue related to starting rdiffweb.
* Update install instruction in README.md
* Remove reference to "rdiffweb-config".
* Add "tempdir" configuration parameter to relocate where to restore data.
* Add copyright statement where missing. Update statement to 2014.
* Minor UI improvement for mobile
* Change the setup to create a default admin users.
* Before validating LDAP credentials, check if user exists in local database.
* Fix login redirect for edge cases when url need quote. Redirect doesn't work for non-utf-8 chars.
* Handle situation where UserRoot is None.
* Correct encoding error in db_sqlite and db_ldap to support username and password with non-ascii character.
* Change authentication filter to redirect to /login/.
* Enhance administration view.
* Fix setup to include javascripts.
* Provide hint when no backup locations is available.
* Enhance initial setup.
* Fix restore to delete temporary directory when download is complete.
* Use permalink
* Remove zip vs tar preference. Allow user to select when restoring. Fix #23
* Add new fontello icons.
* Fix sorting to display directory first.
* Fix filesize for quoted path.
* Rename all variation of rdiff-web, rdiffWeb into rdiffweb. Fix #24
* Change GUI to bootstrap. Update templating engine to jinja2
* Update author information.
* Add LDAP authentication support.
* Add logging error to page restore.
* Fix encoding support for file and folder restore.
* Show error message instead of "Invalid date parameter."
* Fix encoding issue when creating archive
* Release v0.6.5:
* Change sorting implementation to use TimSort.
* Minor modification to CSS to add more focus to warnings and errors.
* Minor change to color palette.
* Modification to CSS and templates for better support on mobile devices. Fix #4
* Add arrow to indicate the sorting direction.
* Save sorting preference in local storage. Restore the user preference on page load. Fix #1
* Add license informations to source file and package info.
* Validate pages using w3c validator against HTML5.
* Add column sorting using JavaScript. Use css :nth-child(even) to replace altRow implementation.
* Refactor librdiff.py to fix handling of different timezone for the same increment. Fix #2
* Minor realignment of the login screen using css.
* Change the creation of the status entry url to make it relative instead of absolute.
* Release V0.6.4:
* Update readme file with installation instruction.
* Make the web server listen on all network interface by default.
* Change the repository icon and the favicon.
* Use modal dialog to add user in admin panel.
* Add rdiffWeb branding
* Use overlay to select revision to be restored.
* Remove deprecated emailsEnabled section.
* Fix minor issue with deployment script. Redesign the pages with modification to templates and CSS. Add JQuery.
* Release v0.6.3:
* Initial commit