| 2016-08-21 13:17:54 |
Gianfranco Costamagna |
bug |
|
|
added bug |
| 2016-08-21 13:18:15 |
Gianfranco Costamagna |
bug |
|
|
added subscriber Ubuntu Security Team |
| 2016-08-24 14:03:48 |
Chris J Arges |
nominated for series |
|
Ubuntu Xenial |
|
| 2016-08-24 14:03:48 |
Chris J Arges |
bug task added |
|
virtualbox (Ubuntu Xenial) |
|
| 2016-08-24 14:04:25 |
Chris J Arges |
bug task added |
|
borgbackup (Ubuntu) |
|
| 2016-08-24 14:28:28 |
Gianfranco Costamagna |
bug task deleted |
virtualbox (Ubuntu) |
|
|
| 2016-08-24 14:28:36 |
Gianfranco Costamagna |
bug task deleted |
virtualbox (Ubuntu Xenial) |
|
|
| 2016-08-24 14:28:50 |
Gianfranco Costamagna |
nominated for series |
|
Ubuntu Yakkety |
|
| 2016-08-24 14:28:50 |
Gianfranco Costamagna |
bug task added |
|
borgbackup (Ubuntu Yakkety) |
|
| 2016-08-24 14:28:57 |
Gianfranco Costamagna |
borgbackup (Ubuntu Yakkety): status |
New |
Fix Released |
|
| 2016-09-05 12:32:26 |
Gianfranco Costamagna |
summary |
security issues on borgbackup |
[SRU] security issues on borgbackup |
|
| 2016-09-05 12:34:21 |
Gianfranco Costamagna |
description |
as explained here, upstream is asking to SRU borgbackup because of the fixes below
https://github.com/borgbackup/borg/compare/28cbf2481564%5E...f32c8858ad3f
https://github.com/borgbackup/borg/commit/dde18d6a7660837ce7b4f30d31960bdc74252570 |
[Impact]
* There are some fixes in repo corruption before 1.0.7
* There are some security issues before 1.0.7
[Test Case]
* as explained here, upstream is asking to SRU borgbackup because of the fixes below
https://github.com/borgbackup/borg/compare/28cbf2481564%5E...f32c8858ad3f
https://github.com/borgbackup/borg/commit/dde18d6a7660837ce7b4f30d31960bdc74252570
* use restrict-to-patch flag and see it not restricted
# if --restrict-to-path P is given, we make sure that we only operate in/below path P.
# for the prefix check, it is important that the compared pathes both have trailing slashes,
# so that a path /foobar will NOT be accepted with --restrict-to-path /foo option.
[Regression Potential]
* None, we have a testsuite to catch such issues.
[Other Info] |
|
| 2016-09-05 12:34:29 |
Gianfranco Costamagna |
description |
[Impact]
* There are some fixes in repo corruption before 1.0.7
* There are some security issues before 1.0.7
[Test Case]
* as explained here, upstream is asking to SRU borgbackup because of the fixes below
https://github.com/borgbackup/borg/compare/28cbf2481564%5E...f32c8858ad3f
https://github.com/borgbackup/borg/commit/dde18d6a7660837ce7b4f30d31960bdc74252570
* use restrict-to-patch flag and see it not restricted
# if --restrict-to-path P is given, we make sure that we only operate in/below path P.
# for the prefix check, it is important that the compared pathes both have trailing slashes,
# so that a path /foobar will NOT be accepted with --restrict-to-path /foo option.
[Regression Potential]
* None, we have a testsuite to catch such issues.
[Other Info] |
[Impact]
* There are some fixes in repo corruption before 1.0.7
* There are some security issues before 1.0.7
[Test Case]
* as explained here, upstream is asking to SRU borgbackup because of the fixes below
https://github.com/borgbackup/borg/compare/28cbf2481564%5E...f32c8858ad3f
https://github.com/borgbackup/borg/commit/dde18d6a7660837ce7b4f30d31960bdc74252570
* use restrict-to-patch flag and see it not restricted
# if --restrict-to-path P is given, we make sure that we only operate in/below path P.
# for the prefix check, it is important that the compared pathes both have trailing slashes,
# so that a path /foobar will NOT be accepted with --restrict-to-path /foo option.
[Regression Potential]
* None, we have a testsuite to catch such issues. |
|
| 2016-09-05 12:34:37 |
Gianfranco Costamagna |
bug |
|
|
added subscriber Ubuntu Release Team |
| 2016-09-06 12:55:58 |
Martin Pitt |
borgbackup (Ubuntu Xenial): status |
New |
Fix Committed |
|
| 2016-09-06 12:56:00 |
Martin Pitt |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2016-09-06 12:56:01 |
Martin Pitt |
bug |
|
|
added subscriber SRU Verification |
| 2016-09-06 12:56:06 |
Martin Pitt |
tags |
|
verification-needed |
|
| 2016-09-06 16:27:46 |
Gianfranco Costamagna |
tags |
verification-needed |
verification-done |
|
| 2016-09-06 16:28:53 |
Mathew Hodson |
information type |
Public |
Public Security |
|
| 2016-09-14 11:59:37 |
Martin Pitt |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2016-09-14 12:01:58 |
Launchpad Janitor |
borgbackup (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
