YunoHost-Apps/borg_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/borg_ynh.git synced 2024-09-03 18:16:05 +02:00
Code Issues Activity Actions

Create 1.2.8.md

Browse source
This commit is contained in:
Mateusz 2024-05-24 00:36:33 +02:00 committed by Salamandar
parent 0a4ea21beb
commit 30aa65c7ef
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
doc/POST_UPGRADE.d/1.2.8.md Normal file
View file

@ -0,0 +1,7 @@
[Borg pre-version 1.2.5 had CVE in archive format](https://github.com/borgbackup/borg/blob/1.2.8/docs/changes.rst#pre-125-archives-spoofing-vulnerability-cve-2023-36811). One liner to check if you're affected is:
```sh
sudo env BORG_RSH="ssh -i /root/.ssh/id___APP___ed25519 -oStrictHostKeyChecking=yes " BORG_PASSPHRASE="$(sudo yunohost app setting __APP__ passphrase)" BORG_RELOCATED_REPO_ACCESS_IS_OK=yes BORG_REPO="$(sudo yunohost app setting __APP__ repository)" __INSTALL_DIR__/venv/bin/borg upgrade --show-rc --check-tam $BORG_REPO
```
Consult the linked documentation on how to interpret the result.