From 207a4a5e8e68218a0a3d964f97930d98564371c2 Mon Sep 17 00:00:00 2001 From: Michael Eischer Date: Fri, 2 Feb 2024 20:10:29 +0100 Subject: [PATCH 1/2] Downgrade klauspost/compress to fix data corruption at max. compression --- go.mod | 2 ++ go.sum | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/go.mod b/go.mod index f07fc10ee..970770a90 100644 --- a/go.mod +++ b/go.mod @@ -36,6 +36,8 @@ require ( google.golang.org/api v0.149.0 ) +replace github.com/klauspost/compress => github.com/klauspost/compress v1.17.2 + require ( cloud.google.com/go v0.110.9 // indirect cloud.google.com/go/compute v1.23.1 // indirect diff --git a/go.sum b/go.sum index 01e58cccb..129eafed2 100644 --- a/go.sum +++ b/go.sum @@ -108,8 +108,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= -github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= +github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= +github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc= github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= From 219d8e3c18e8b1e7a861dfe498debfca7f99a0d7 Mon Sep 17 00:00:00 2001 From: Michael Eischer Date: Sat, 3 Feb 2024 18:52:51 +0100 Subject: [PATCH 2/2] add changelog draft for data corruption on max compression --- changelog/unreleased/issue-4677 | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 changelog/unreleased/issue-4677 diff --git a/changelog/unreleased/issue-4677 b/changelog/unreleased/issue-4677 new file mode 100644 index 000000000..8fa6cf65b --- /dev/null +++ b/changelog/unreleased/issue-4677 @@ -0,0 +1,19 @@ +Bugfix: Downgrade zstd library to fix rare data corruption at max. compression + +In restic 0.16.3, backups where the compression level was set to `max` (using +`--compression max`) could in rare and very specific circumstances result in +data corruption due to a bug in the library used for compressing data. Restic +0.16.1 and 0.16.2 were not affected. + +Restic now uses the previous version of the library used to compress data, the +same version used by restic 0.16.2. Please note that the `auto` compression +level (which restic uses by default) was never affected, and even if you used +`max` compression, chances of being affected by this issue are small. + +To check a repository for any corruption, run `restic check --read-data`. This +will download and verify the whole repository and can be used at any time to +completely verify the integrity of a repository. If the `check` command detects +anomalies, follow the suggested steps. + +https://github.com/restic/restic/issues/4677 +https://github.com/restic/restic/pull/4679