Release 1.4.5#9912
Merged
Merged
Conversation
ThomasWaldmann
marked this pull request as draft
July 18, 2026 19:40
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## 1.4-maint #9912 +/- ##
=============================================
+ Coverage 82.03% 82.62% +0.59%
=============================================
Files 38 38
Lines 11396 11432 +36
Branches 1797 1803 +6
=============================================
+ Hits 9349 9446 +97
+ Misses 1462 1408 -54
+ Partials 585 578 -7 ☔ View full report in Codecov by Harness. |
looks like they removed the pip and virtualenv package.
the man page formatter can not deal with row or col spans.
…mbedded "..")
CVE-2026-62268 Fix 1/2
A maliciously crafted archive could contain a symlink (e.g. "evil" -> "/etc")
followed by an item below it ("evil/passwd"), or an item whose path embeds ".."
(e.g. "a/../../etc/passwd"). When extracting such items, borg followed the symlink
/ resolved the ".." in both the "remove existing file" step and the open()/mkdir()/
symlink() step, so it could delete or overwrite files outside the extraction
directory.
Note: sounds bad, but no big issue in practice: to create such a malicious archive,
the attacker would need repository access and (for encrypted or authenticated repos)
also the borg key and passphrase.
borg create never produces such archives (it does not follow symlinks and stores
normalized relative paths), so extract_item() now verifies, before any destructive
operation, that the item's parent path contains no ".." and no symlinked (or other
non-directory) component. Unsafe items are skipped with a warning (EXIT_WARNING)
and extraction continues. Verified-safe parent directories are cached per extraction
(Archive.safe_dirs) so each directory is lstat'd at most once.
Added regression tests for both attack vectors and a benign deep-tree extraction.
Also: skip redundant make_parent stat using safe_dirs cache
Performance optimization building on the parent-path security fix: the parent
path guard in extract_item already lstat's every existing parent directory and
records it in Archive.safe_dirs. make_parent therefore no longer needs to call
os.path.exists() for a parent that is already known to be a real directory - it
returns early on a safe_dirs hit, and caches directories it has to create (and
dest) so later items skip the stat too.
This roughly halves the per-item directory-metadata syscalls in the common case
(deep tree, shared parents) without changing behavior.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
CVE-2026-62268 Fix 2/2 The hardlink source (item.source) was used unvalidated as the os.link() target during extraction. A maliciously crafted archive could set a source that traverses a symlink (e.g. "evil/secret" with "evil" -> "/etc") or contains "..", causing borg to hardlink an arbitrary external file (e.g. /etc/shadow) into the extracted tree - an information disclosure, especially dangerous when restoring as root. Note: sounds bad, but no big issue in practice: to create such a malicious archive, the attacker would need repository access and (for encrypted or authenticated repos) also the borg key and passphrase. extract_helper now validates the hardlink source path with the same Archive._check_safe_parent() check used for item paths, refusing unsafe ones with a warning (and continuing with the rest of the archive). os.link() is now called with follow_symlinks=False (where supported) so a symlinked final source component links the symlink itself - a faithful restore - rather than the external file it targets. Adds BackupHardlinkSourceError and regression tests for both the symlinked-source and embedded-".." source vectors. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
ThomasWaldmann
marked this pull request as ready for review
July 18, 2026 22:08
Member
Author
|
Haiku test failure: haiku specific, does not fail on other OSes. #9913 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.