** Summary changed: - security issues on borgbackup + [SRU] security issues on borgbackup
** Description changed: - as explained here, upstream is asking to SRU borgbackup because of the fixes below + [Impact] + + * There are some fixes in repo corruption before 1.0.7 + * There are some security issues before 1.0.7 + + [Test Case] + + * as explained here, upstream is asking to SRU borgbackup because of the fixes below https://github.com/borgbackup/borg/compare/28cbf2481564%5E...f32c8858ad3f https://github.com/borgbackup/borg/commit/dde18d6a7660837ce7b4f30d31960bdc74252570 + * use restrict-to-patch flag and see it not restricted + + # if --restrict-to-path P is given, we make sure that we only operate in/below path P. + # for the prefix check, it is important that the compared pathes both have trailing slashes, + # so that a path /foobar will NOT be accepted with --restrict-to-path /foo option. + + [Regression Potential] + + * None, we have a testsuite to catch such issues. + + [Other Info] ** Description changed: [Impact] - * There are some fixes in repo corruption before 1.0.7 - * There are some security issues before 1.0.7 + * There are some fixes in repo corruption before 1.0.7 + * There are some security issues before 1.0.7 [Test Case] - * as explained here, upstream is asking to SRU borgbackup because of the fixes below + * as explained here, upstream is asking to SRU borgbackup because of the fixes below https://github.com/borgbackup/borg/compare/28cbf2481564%5E...f32c8858ad3f https://github.com/borgbackup/borg/commit/dde18d6a7660837ce7b4f30d31960bdc74252570 - * use restrict-to-patch flag and see it not restricted + * use restrict-to-patch flag and see it not restricted # if --restrict-to-path P is given, we make sure that we only operate in/below path P. # for the prefix check, it is important that the compared pathes both have trailing slashes, - # so that a path /foobar will NOT be accepted with --restrict-to-path /foo option. + # so that a path /foobar will NOT be accepted with --restrict-to-path /foo option. [Regression Potential] - * None, we have a testsuite to catch such issues. - - [Other Info] + * None, we have a testsuite to catch such issues. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1615380 Title: [SRU] security issues on borgbackup To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/borgbackup/+bug/1615380/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs