mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-27 02:08:54 +00:00
update CHANGES (1.1-maint) for 1.1.3 release
This commit is contained in:
parent
ea0203bb0d
commit
54883434b9
1 changed files with 7 additions and 3 deletions
|
@ -131,8 +131,8 @@ The best check that everything is ok is to run a dry-run extraction::
|
|||
Changelog
|
||||
=========
|
||||
|
||||
Version 1.1.3 (not released yet)
|
||||
--------------------------------
|
||||
Version 1.1.3 (2017-11-27)
|
||||
--------------------------
|
||||
|
||||
Compatibility notes:
|
||||
|
||||
|
@ -153,7 +153,11 @@ Compatibility notes:
|
|||
|
||||
Fixes:
|
||||
|
||||
- XXX SECFIX XXX
|
||||
- Security Fix for CVE-2017-15914: Incorrect implementation of access controls
|
||||
allows remote users to override repository restrictions in Borg servers.
|
||||
A user able to access a remote Borg SSH server is able to circumvent access
|
||||
controls post-authentication.
|
||||
Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x are NOT affected.
|
||||
- crc32: deal with unaligned buffer, add tests - this broke borg on older ARM
|
||||
CPUs that can not deal with unaligned 32bit memory accesses and raise a bus
|
||||
error in such cases. the fix might also improve performance on some CPUs as
|
||||
|
|
Loading…
Reference in a new issue