77 matches found
Fedora Update for borgbackup FEDORA-2017-7b0a42338c
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 26 Update: borgbackup-1.1.3-1.fc26
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
[SECURITY] Fedora 27 Update: borgbackup-1.1.3-1.fc27
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
Authorization Bypass
borgbackup is vulnerable to authorization bypasses. The application does not properly enforce permissions over repository access, allowing a malicious user to have access to repositories on the server...
FreeBSD : borgbackup -- remote users can override repository restrictions (0d369972-d4ba-11e7-bfca-005056925db4)
BorgBackup reports : Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. A user able to access a remote Borg SSH server is able to circumvent access controls post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0....
borgbackup -- remote users can override repository restrictions
BorgBackup reports: Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. A user able to access a remote Borg SSH server is able to circumvent access controls post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x...
Fedora 25 : borgbackup (2016-6e66f01186)
upstream version 1.0.9 BZ1406277 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...
Fedora 24 : borgbackup (2016-3b51e954fd)
upstream version 1.0.9 BZ1406277 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...
Fedora Update for borgbackup FEDORA-2016-3b51e954fd
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for borgbackup FEDORA-2016-6e66f01186
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 24 Update: borgbackup-1.0.9-1.fc24
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
[SECURITY] Fedora 25 Update: borgbackup-1.0.9-1.fc25
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
Arbitrary Archive File Overwrite
Borg aka BorgBackup has a flaw in the way of processing duplicate archive names during manifest recovery. When rebuilding the manifest which should only be needed very rarely, duplicate archive names would be handled on a "first come first serve" basis, allowing an attacker to arbitrarily overwri...
CVE-2016-10099
Borg aka BorgBackup before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest list of archives, potentially allowing an attacker to spoof the list of archives...
Information disclosure
Borg aka BorgBackup before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest list of archives, potentially allowing an attacker to spoof the list of archives...
CVE-2016-10100
Borg aka BorgBackup before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive...
CVE-2016-10100
Borg aka BorgBackup before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive...
CVE-2016-10099
Borg aka BorgBackup before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest list of archives, potentially allowing an attacker to spoof the list of archives...
Design/Logic Flaw
Borg aka BorgBackup before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive...
DEBIAN-CVE-2016-10099
Borg aka BorgBackup before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest list of archives, potentially allowing an attacker to spoof the list of archives...