On Mon, 11 Feb 2019 21:02:03 +0100 Salvatore Bonaccorso <car...@debian.org> wrote: > Source: borgbackup > Version: 1.1.8-1 > Severity: grave > Tags: security upstream > Justification: user security hole > Forwarded: https://github.com/borgbackup/borg/issues/3903 > Control: fixed -1 1.1.9-1 > > As there is no CVE assigned for this issue, fill a bug for having an > unique identifier withing Debian. > > Upstream issue: https://github.com/borgbackup/borg/issues/3903 > > Please adjust found versions as needed, is stable affected? >
Hello, yes, I think stable is affected. the patch doesn't apply cleanly but it shoult be easy to rebase it. Do you think you can go with a security update for stable? G. > Regards, > Salvatore > >