Tahoe-lafs

Latest version: v1.19.0

Safety actively analyzes 682457 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

1.17.0

The Tahoe-LAFS team is pleased to announce version 1.17.0 of
Tahoe-LAFS, an extremely reliable decentralized storage
system. Get it with "pip install tahoe-lafs", or download a
tarball here:

https://tahoe-lafs.org/downloads

Tahoe-LAFS is the first distributed storage system to offer
"provider-independent security" — meaning that not even the
operators of your storage servers can read or alter your data
without your consent. Here is the one-page explanation of its
unique security and fault-tolerance properties:

https://tahoe-lafs.readthedocs.org/en/latest/about.html

The previous stable release of Tahoe-LAFS was v1.16.0, released on
October 19, 2021.

This release fixes several security issues raised as part of an audit
by Cure53. We developed fixes for these issues in a private
repository. Shortly after this release, public tickets will be updated
with further information (along with, of course, all the code).

There is also OpenMetrics support now and several bug fixes.

In all, 46 issues have been fixed since the last release.

Please see ``NEWS.rst`` for a more complete list of changes.


WHAT IS IT GOOD FOR?

With Tahoe-LAFS, you distribute your data across multiple
servers. Even if some of the servers fail or are taken over
by an attacker, the entire file store continues to function
correctly, preserving your privacy and security. You can
easily share specific files and directories with other people.

In addition to the core storage system itself, volunteers
have built other projects on top of Tahoe-LAFS and have
integrated Tahoe-LAFS with existing systems, including
Windows, JavaScript, iPhone, Android, Hadoop, Flume, Django,
Puppet, bzr, mercurial, perforce, duplicity, TiddlyWiki, and
more. See the Related Projects page on the wiki [3].

We believe that strong cryptography, Free and Open Source
Software, erasure coding, and principled engineering practices
make Tahoe-LAFS safer than RAID, removable drive, tape,
on-line backup or cloud storage.

This software is developed under test-driven development, and
there are no known bugs or security flaws which would
compromise confidentiality or data integrity under recommended
use. (For all important issues that we are currently aware of
please see the known_issues.rst file [2].)


COMPATIBILITY

This release should be compatible with the version 1 series of
Tahoe-LAFS. Clients from this release can write files and
directories in the format used by clients of all versions back
to v1.0 (which was released March 25, 2008). Clients from this
release can read files and directories produced by clients of
all versions since v1.0.

Network connections are limited by the Introducer protocol in
use. If the Introducer is running v1.10 or v1.11, then servers
from this release (v1.12) can serve clients of all versions
back to v1.0 . If it is running v1.12, then they can only
serve clients back to v1.10. Clients from this release can use
servers back to v1.10, but not older servers.

Except for the new optional MDMF format, we have not made any
intentional compatibility changes. However we do not yet have
the test infrastructure to continuously verify that all new
versions are interoperable with previous versions. We intend
to build such an infrastructure in the future.

This is the twenty-first release in the version 1 series. This
series of Tahoe-LAFS will be actively supported and maintained
for the foreseeable future, and future versions of Tahoe-LAFS
will retain the ability to read and write files compatible
with this series.


LICENCE

You may use this package under the GNU General Public License,
version 2 or, at your option, any later version. See the file
"COPYING.GPL" [4] for the terms of the GNU General Public
License, version 2.

You may use this package under the Transitive Grace Period
Public Licence, version 1 or, at your option, any later
version. (The Transitive Grace Period Public Licence has
requirements similar to the GPL except that it allows you to
delay for up to twelve months after you redistribute a derived
work before releasing the source code of your derived work.)
See the file "COPYING.TGPPL.rst" [5] for the terms of the
Transitive Grace Period Public Licence, version 1.

(You may choose to use this package under the terms of either
licence, at your option.)


INSTALLATION

Tahoe-LAFS works on Linux, Mac OS X, Windows, Solaris, *BSD,
and probably most other systems. Start with "docs/INSTALL.rst"
[6].


HACKING AND COMMUNITY

Please join us on the mailing list [7]. Patches are gratefully
accepted -- the Roadmap page [8] shows the next improvements
that we plan to make and CREDITS [9] lists the names of people
who've contributed to the project. The Dev page [10] contains
resources for hackers.


SPONSORSHIP

A special thanks goes out to Least Authority Enterprises [12],
which employs several Tahoe-LAFS developers, for their
continued support.

HACK TAHOE-LAFS!

If you can find a security flaw in Tahoe-LAFS which is serious
enough that we feel compelled to warn our users and issue a fix,
then we will award you with a customized t-shirt with your
exploit printed on it and add you to the "Hack Tahoe-LAFS Hall
Of Fame" [13].


ACKNOWLEDGEMENTS

This is the eighteenth release of Tahoe-LAFS to be created
solely as a labor of love by volunteers. Thank you very much
to the team of "hackers in the public interest" who make
Tahoe-LAFS possible.

meejah
on behalf of the Tahoe-LAFS team

December 6, 2021
Planet Earth


[1] https://github.com/tahoe-lafs/tahoe-lafs/blob/tahoe-lafs-1.17.0/NEWS.rst
[2] https://github.com/tahoe-lafs/tahoe-lafs/blob/master/docs/known_issues.rst
[3] https://tahoe-lafs.org/trac/tahoe-lafs/wiki/RelatedProjects
[4] https://github.com/tahoe-lafs/tahoe-lafs/blob/tahoe-lafs-1.17.0/COPYING.GPL
[5] https://github.com/tahoe-lafs/tahoe-lafs/blob/tahoe-lafs-1.17.0/COPYING.TGPPL.rst
[6] https://tahoe-lafs.readthedocs.org/en/tahoe-lafs-1.17.0/INSTALL.html
[7] https://lists.tahoe-lafs.org/mailman/listinfo/tahoe-dev
[8] https://tahoe-lafs.org/trac/tahoe-lafs/roadmap
[9] https://github.com/tahoe-lafs/tahoe-lafs/blob/master/CREDITS
[10] https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Dev
[12] https://leastauthority.com/
[13] https://tahoe-lafs.org/hacktahoelafs/
[14] https://github.com/warner/magic-wormhole
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEnVor1WiOy4id680/wmAoAxKAaacFAmGuWnsACgkQwmAoAxKA
aaecbwgA6IXrKZVo+LjNkGQERzblr+ElTxmH4n1h3yScx5qtzVmhw+Jxl+QyVy3u
oudf1MFLlvV6JGdYXc0uRrBk0xifNgNEcvIIyEbP2A0xhyDw4tQno/In/isU9pXI
5eN4j+Cb7CJPO4Fpq0TGbDZchE3/5nwthaw3iMUCr3yXTM3m7gX/qv5ttmmiR2pg
rGi+bkm8XmefqUeR6M0+8liQsNyQgO7I1ehbfRoYMhrAzO0sPVtBIr799kC9HDnZ
T5bc/FEKDSIrQ+pJHf+XnUru99xe4dZAfPKqKUVvKcKaqKR39XRJqb+Fb6zbK5Jc
WzbHOGiKC4dvFegAN/c7rKChWgmM5g==
=oqN7
-----END PGP SIGNATURE-----

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.