Good evening,
I'm the Fedora and EPEL maintainer of duplicity and I've to bring you bad and even good news, if you're using duplicity <= 0.4.3, which is currently everywhere in Fedora and EPEL.
Duplicity 0.4.3 currently has a security issue (CVE-2007-5201) and couple of bugs which are fixed in duplicity 0.4.9 reaching the repositories soon. Unfortunately, the upstream maintainer broke the duplicity command line syntax in version 0.4.4 without backward compatibility. Regarding the other bugs and problems fixed, see here: http://duplicity.nongnu.org/CHANGELOG.
duplicity >= 0.4.4 (NEW!):
duplicity [full|incr] [options] source_dir target_url duplicity [restore] [options] source_url target_dir duplicity verify [options] source_url target_dir duplicity collection-status [options] target_url duplicity list-current-files [options] target_url duplicity cleanup [options] target_url duplicity remove-older-than time [options] target_url
duplicity <= 0.4.3 (OLD!):
duplicity [options] input_directory destination_url duplicity [options] source_url target_directory duplicity [options] --verify source_url filename duplicity [options] --collection-status source_url duplicity [options] --list-current-files source_url duplicity [options] --cleanup target_url duplicity [options] --remove-older-than target_url
As of the reasons above it is not really possible to avoid this update, a backport doesn't mostly work, as other code changed as well and the changes between 0.4.3 and newer versions are pretty huge. And there also turned out nobody willing me to help writing e.g. a wrapper or a patch bringing back the compatibility in command line syntax again. But maybe I'm the only guy using duplicity in EPEL 4 and 5?
Anyway: Re-watch your backup scripts, if you're using duplicity and change them to use the new command line syntax if you're applying the update. I'm worried about this, but I can't avoid.
Greetings, Robert
epel-devel@lists.fedoraproject.org