CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2017/12/03 12:11:09
Modified files: sysutils/borgbackup: Makefile distinfo sysutils/borgbackup/pkg: PLIST Log message: update to borgbackup 1.1.3 (security fix doesn't affect -stable), from maintainer Björn Ketelaars CVE-2017-15914: Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. A user able to access a remote Borg SSH server is able to circumvent access controls post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x are NOT affected.