Memo in case of upgrade >= 1.2.5

Question

Memo in case of upgrade >= 1.2.5

Opened this issue a year ago · 1 comments

Describe the bug

Upgrade to borg >= 1.2.5 will require a specific upgrade

Context

Here is the doc about the upgrade :
https://github.com/borgbackup/borg/blob/1.2.6/docs/changes.rst#pre-125-archives-spoofing-vulnerability-cve-2023-36811

I have not analyzed it deeply but it seems that the upgrade process will have to contain some intelligence to upgrade.

Answer 1 · 2023-12-18T18:33:26.000Z

Hmpf I don't know if we want to address this, there seem to be a big number of "ifs", and the appropriate way to "fix" the thing (if it happened) is clearly not straightforward ... Like, maybe it's concern for shared repo somehow but that's not the topology we have here x_x