OPENSUSE-SU-2025:0110-1
Vulnerability from csaf_opensuse - Published: 2025-03-31 12:01 - Updated: 2025-03-31 12:01Summary
Security update for restic
Notes
Title of the patch
Security update for restic
Description of the patch
This update for restic fixes the following issues:
Update to 0.18.0
- Sec #5291: Mitigate attack on content-defined chunking algorithm
- Fix #1843: Correctly restore long filepaths' timestamp on old Windows
- Fix #2165: Ignore disappeared backup source files
- Fix #5153: Include root tree when searching using find --tree
- Fix #5169: Prevent Windows VSS event log 8194 warnings for backup with fs snapshot
- Fix #5212: Fix duplicate data handling in prune --max-unused
- Fix #5249: Fix creation of oversized index by repair index --read-all-packs
- Fix #5259: Fix rare crash in command output
- Chg #4938: Update dependencies and require Go 1.23 or newer
- Chg #5162: Promote feature flags
- Enh #1378: Add JSON support to check command
- Enh #2511: Support generating shell completions to stdout
- Enh #3697: Allow excluding online-only cloud files (e.g. OneDrive)
- Enh #4179: Add sort option to ls command
- Enh #4433: Change default sort order for find output
- Enh #4521: Add support for Microsoft Blob Storage access tiers
- Enh #4942: Add snapshot summary statistics to rewritten snapshots
- Enh #4948: Format exit errors as JSON when requested
- Enh #4983: Add SLSA provenance to GHCR container images
- Enh #5054: Enable compression for ZIP archives in dump command
- Enh #5081: Add retry mechanism for loading repository config
- Enh #5089: Allow including/excluding extended file attributes during restore
- Enh #5092: Show count of deleted files and directories during restore
- Enh #5109: Make small pack size configurable for prune
- Enh #5119: Add start and end timestamps to backup JSON output
- Enh #5131: Add DragonFlyBSD support
- Enh #5137: Make tag command print which snapshots were modified
- Enh #5141: Provide clear error message if AZURE_ACCOUNT_NAME is not set
- Enh #5173: Add experimental S3 cold storage support
- Enh #5174: Add xattr support for NetBSD 10+
- Enh #5251: Improve retry handling for flaky rclone backends
- Enh #52897: Make recover automatically rebuild index when needed
Patchnames
openSUSE-2025-110
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for restic",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for restic fixes the following issues:\n\nUpdate to 0.18.0\n\n- Sec #5291: Mitigate attack on content-defined chunking algorithm\n- Fix #1843: Correctly restore long filepaths\u0027 timestamp on old Windows\n- Fix #2165: Ignore disappeared backup source files\n- Fix #5153: Include root tree when searching using find --tree\n- Fix #5169: Prevent Windows VSS event log 8194 warnings for backup with fs snapshot\n- Fix #5212: Fix duplicate data handling in prune --max-unused\n- Fix #5249: Fix creation of oversized index by repair index --read-all-packs\n- Fix #5259: Fix rare crash in command output\n- Chg #4938: Update dependencies and require Go 1.23 or newer\n- Chg #5162: Promote feature flags\n- Enh #1378: Add JSON support to check command\n- Enh #2511: Support generating shell completions to stdout\n- Enh #3697: Allow excluding online-only cloud files (e.g. OneDrive)\n- Enh #4179: Add sort option to ls command\n- Enh #4433: Change default sort order for find output\n- Enh #4521: Add support for Microsoft Blob Storage access tiers\n- Enh #4942: Add snapshot summary statistics to rewritten snapshots\n- Enh #4948: Format exit errors as JSON when requested\n- Enh #4983: Add SLSA provenance to GHCR container images\n- Enh #5054: Enable compression for ZIP archives in dump command\n- Enh #5081: Add retry mechanism for loading repository config\n- Enh #5089: Allow including/excluding extended file attributes during restore\n- Enh #5092: Show count of deleted files and directories during restore\n- Enh #5109: Make small pack size configurable for prune\n- Enh #5119: Add start and end timestamps to backup JSON output\n- Enh #5131: Add DragonFlyBSD support\n- Enh #5137: Make tag command print which snapshots were modified\n- Enh #5141: Provide clear error message if AZURE_ACCOUNT_NAME is not set\n- Enh #5173: Add experimental S3 cold storage support\n- Enh #5174: Add xattr support for NetBSD 10+\n- Enh #5251: Improve retry handling for flaky rclone backends\n- Enh #52897: Make recover automatically rebuild index when needed\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2025-110",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0110-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:0110-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/774IYQZ7MM6B6XG4OUL4ZECAW4Q5WNZN/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:0110-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/774IYQZ7MM6B6XG4OUL4ZECAW4Q5WNZN/"
}
],
"title": "Security update for restic",
"tracking": {
"current_release_date": "2025-03-31T12:01:10Z",
"generator": {
"date": "2025-03-31T12:01:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:0110-1",
"initial_release_date": "2025-03-31T12:01:10Z",
"revision_history": [
{
"date": "2025-03-31T12:01:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "restic-0.18.0-bp156.2.6.1.aarch64",
"product": {
"name": "restic-0.18.0-bp156.2.6.1.aarch64",
"product_id": "restic-0.18.0-bp156.2.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "restic-0.18.0-bp156.2.6.1.i586",
"product": {
"name": "restic-0.18.0-bp156.2.6.1.i586",
"product_id": "restic-0.18.0-bp156.2.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch",
"product": {
"name": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch",
"product_id": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch"
}
},
{
"category": "product_version",
"name": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch",
"product": {
"name": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch",
"product_id": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "restic-0.18.0-bp156.2.6.1.ppc64le",
"product": {
"name": "restic-0.18.0-bp156.2.6.1.ppc64le",
"product_id": "restic-0.18.0-bp156.2.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "restic-0.18.0-bp156.2.6.1.s390x",
"product": {
"name": "restic-0.18.0-bp156.2.6.1.s390x",
"product_id": "restic-0.18.0-bp156.2.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "restic-0.18.0-bp156.2.6.1.x86_64",
"product": {
"name": "restic-0.18.0-bp156.2.6.1.x86_64",
"product_id": "restic-0.18.0-bp156.2.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP6",
"product": {
"name": "SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-0.18.0-bp156.2.6.1.aarch64"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.i586 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-0.18.0-bp156.2.6.1.i586"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.i586",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-0.18.0-bp156.2.6.1.ppc64le"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-0.18.0-bp156.2.6.1.s390x"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-0.18.0-bp156.2.6.1.x86_64"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-bash-completion-0.18.0-bp156.2.6.1.noarch"
},
"product_reference": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:restic-zsh-completion-0.18.0-bp156.2.6.1.noarch"
},
"product_reference": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-0.18.0-bp156.2.6.1.aarch64"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.i586 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-0.18.0-bp156.2.6.1.i586"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-0.18.0-bp156.2.6.1.ppc64le"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-0.18.0-bp156.2.6.1.s390x"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-0.18.0-bp156.2.6.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-0.18.0-bp156.2.6.1.x86_64"
},
"product_reference": "restic-0.18.0-bp156.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-bash-completion-0.18.0-bp156.2.6.1.noarch"
},
"product_reference": "restic-bash-completion-0.18.0-bp156.2.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:restic-zsh-completion-0.18.0-bp156.2.6.1.noarch"
},
"product_reference": "restic-zsh-completion-0.18.0-bp156.2.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…