Bug#922080: marked as done (borgbackup: fuse mount exposes backup to unauthorized users)

Wed, 20 Feb 2019 02:57:30 -0800 

Your message dated Wed, 20 Feb 2019 10:55:58 +0000 (UTC)
with message-id <140254903.3562327.1550660158...@mail.yahoo.com>
and subject line Re: Bug#922080: borgbackup: fuse mount exposes backup to 
unauthorized users
has caused the Debian Bug report #922080,
regarding borgbackup: fuse mount exposes backup to unauthorized users
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
922080: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922080
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: borgbackup
Version: 1.1.8-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://github.com/borgbackup/borg/issues/3903
Control: fixed -1 1.1.9-1

As there is no CVE assigned for this issue, fill a bug for having an
unique identifier withing Debian.

Upstream issue: https://github.com/borgbackup/borg/issues/3903

Please adjust found versions as needed, is stable affected?

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
 I propose to close the bug since it is fixed in unstable/testing (tomorrow)
G.

    Il martedì 12 febbraio 2019, 19:37:56 CET, Gianfranco Costamagna 
<locutusofb...@debian.org> ha scritto:  
 
 On Mon, 11 Feb 2019 21:02:03 +0100 Salvatore Bonaccorso <car...@debian.org> 
wrote:
> Source: borgbackup
> Version: 1.1.8-1
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> Forwarded: https://github.com/borgbackup/borg/issues/3903
> Control: fixed -1 1.1.9-1
> 
> As there is no CVE assigned for this issue, fill a bug for having an
> unique identifier withing Debian.
> 
> Upstream issue: https://github.com/borgbackup/borg/issues/3903
> 
> Please adjust found versions as needed, is stable affected?
> 

Hello, yes, I think stable is affected.

the patch doesn't apply cleanly but it shoult be easy to rebase it.

Do you think you can go with a security update for stable?

G.
> Regards,
> Salvatore
> 
>

--- End Message ---

Reply via email to