1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-26 09:47:58 +00:00

fix CVE timeline, fix markup

This commit is contained in:
Thomas Waldmann 2023-08-30 15:49:09 +02:00
parent 449cd51b73
commit f334ef1b4d
No known key found for this signature in database
GPG key ID: 243ACFA951F78E01

View file

@ -42,6 +42,7 @@ Steps you must take to upgrade a repository:
Do **not** run ``borg check`` with borg 1.2.5 before completing the upgrade steps.
2. Run ``borg info --debug <repository> 2>&1 | grep TAM | grep -i manifest``.
a) If you get "TAM-verified manifest", continue with 3.
b) If you get "Manifest TAM not found and not required", run
``borg upgrade --tam --force <repository>`` *on every client*.
@ -69,7 +70,8 @@ Vulnerability time line:
* 2023-06-13: Vulnerability discovered during code review by Thomas Waldmann
* 2023-06-13...: Work on fixing the issue, upgrade procedure, docs.
* 2023-06-30: CVE was assigned via Github CNA
* 2023-07-xx: Released fixed version 1.2.5
* 2023-06-30 .. 2023-08-29: Fixed issue, code review, docs, testing.
* 2023-08-30: Released fixed version 1.2.5
.. _hashindex_set_bug: