Based on https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures, which
states
```
Issues that warrant a security update
We only fix bugs in our stable releases which truly affect overall
system security, i. e. which enable an attacker to circumvent the
permissions configured on the system, or are a threat to the user's data
in any way. Most common examples:
Buffer overflow in a server process which allows to crash it (denial of
service) and/or to execute attacker provided code (privilege escalation).
Insecure temporary file handling which allows race condition and symlink
attacks to delete unrelated files with the invoker's privileges.
Non-working security-relevant configuration options (e. g. iptables would
allow packets which should be blocked, or a server's ACL option does not do the
right thing).
Less critical bugs (like Denial of Service vulnerabilities in instant
messengers or email applications) are also fixed usually, but with lower
priority.
```
it might be argumented that this is a security issue: "or are a threat
to the user's data in any way" and "Non-working security-relevant
configuration options".
Of course, that's only one way of reading it, but a backup tool that
starts failing to backup does not sound very secure.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1788829
Title:
Update to new maintenance release
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/borgbackup/+bug/1788829/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
