GLSA-202405-13 : borgmatic: Shell Injection

high Nessus Plugin ID 194995

Description

The remote host is affected by the vulnerability described in GLSA-202405-13 (borgmatic: Shell Injection)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

All borgmatic users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose >=app-backup/borgmatic-1.8.8

See Also

https://security.gentoo.org/glsa/202405-13

https://bugs.gentoo.org/show_bug.cgi?id=924892

Plugin Details

Severity: High

ID: 194995

File Name: gentoo_GLSA-202405-13.nasl

Version: 1.0

Type: local

Published: 5/6/2024

Updated: 5/6/2024

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:borgmatic, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/5/2024

Vulnerability Publication Date: 5/5/2024