Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 913407 (CVE-2023-36811) - <app-backup/borgbackup-1.2.6: Archive spoofing vulnerability
Summary: <app-backup/borgbackup-1.2.6: Archive spoofing vulnerability
Alias: CVE-2023-36811
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa?]
Depends on: 913571
  Show dependency tree
Reported: 2023-09-01 12:14 UTC by Sam James
Modified: 2023-10-07 18:34 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Larry the Git Cow gentoo-dev 2023-09-04 08:21:57 UTC
The bug has been referenced in the following commit(s):

commit 1c9eaa3ece6010067f206c88a87889650c9ddc08
Author:     Marek Szuba <>
AuthorDate: 2023-09-04 08:20:44 +0000
Commit:     Marek Szuba <>
CommitDate: 2023-09-04 08:21:50 +0000

    app-backup/borgbackup: drop 1.2.4-r3
    No versions vulnerable to CVE-2023-36811 left in the tree.
    Signed-off-by: Marek Szuba <>

 app-backup/borgbackup/Manifest                   |  1 -
 app-backup/borgbackup/borgbackup-1.2.4-r3.ebuild | 55 ------------------------
 2 files changed, 56 deletions(-)