SB2017112950 - Fedora 26 update for borgbackup
Published: November 29, 2017 Updated: April 24, 2025
Security Bulletin ID
SB2017112950
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2017-15914)
The vulnerability allows a remote authenticated user to execute arbitrary code.
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.
Remediation
Install update from vendor's website.