This release works around and improves detection of a bug in the compression library used by restic. The resulting issue only happens when using restic 0.16.3 and the max
compression level (the default auto
and off
compression levels are not affected), and when the source files being backed up have specific data in them to trigger the bug. If you use max
compression, you can use restic check --read-data
to make sure you're not affected.
restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at the GitHub issue tracker or visit the forum. If you already have restic >= 0.9.4, you can use restic self-update
to get the latest version in a secure way.
The binaries released with each restic version are reproducible, which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the Developer Documentation.
Changelog for restic 0.16.4 (2024-02-04)
The following sections list the changes in restic 0.16.4 relevant to restic users. The changes are ordered by importance.
Summary
- Fix #4677: Downgrade zstd library to fix rare data corruption at max. compression
- Enh #4529: Add extra verification of data integrity before upload
Details
-
Bugfix #4677: Downgrade zstd library to fix rare data corruption at max. compression
In restic 0.16.3, backups where the compression level was set to
max
(using--compression max
) could in rare and very specific circumstances result in data corruption due to a bug in the library used for compressing data. Restic 0.16.1 and 0.16.2 were not affected.Restic now uses the previous version of the library used to compress data, the same version used by restic 0.16.2. Please note that the
auto
compression level (which restic uses by default) was never affected, and even if you usedmax
compression, chances of being affected by this issue are small.To check a repository for any corruption, run
restic check --read-data
. This will download and verify the whole repository and can be used at any time to completely verify the integrity of a repository. If thecheck
command detects anomalies, follow the suggested steps. -
Enhancement #4529: Add extra verification of data integrity before upload
Hardware issues, or a bug in restic or its dependencies, could previously cause corruption in the files restic created and stored in the repository. Detecting such corruption previously required explicitly running the
check --read-data
orcheck --read-data-subset
commands.To further ensure data integrity, even in the case of hardware issues or software bugs, restic now performs additional verification of the files about to be uploaded to the repository.
These extra checks will increase CPU usage during backups. They can therefore, if absolutely necessary, be disabled using the
--no-extra-verify
global option. Please note that this should be combined with more active checking using the previously mentioned check commands.