borgbackup - Debian Package Tracker

general

source: borgbackup (main)
version: 1.4.1-3
maintainer: Debian Borg Collective (DMD)
uploaders: Gianfranco Costamagna [DMD] – Lee Garrett [DMD] – Danny Edel [DMD]
arch: all any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.9-2+deb10u1
oldstable: 1.1.16-3
old-bpo: 1.2.3-1~bpo11+1
stable: 1.2.4-1
stable-bpo: 1.4.0-4~bpo12+1
testing: 1.4.0-5
unstable: 1.4.1-3

versioned links

1.1.9-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.16-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.3-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.0-4~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

borgbackup (2 bugs: 0, 2, 0, 0)
borgbackup-doc

action needed

A new upstream version is available: 2.0.0~b18 high

A new upstream version 2.0.0~b18 is available, you should consider packaging it.

Created: 2022-07-19 Last update: 2025-07-04 17:30

lintian reports 7 warnings normal

Lintian reports 7 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-06-29 Last update: 2025-06-29 15:02

9 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 9584a762caba813350657b48e13ca2736753e1e7
Author: Nicholas D Steeves <sten@debian.org>
Date:   Sat Jun 28 14:19:05 2025 -0400

    Release 1.4.1-3 to unstable

commit b090644a758d75a735b333312f36c5a7185cfc43
Author: Nicholas D Steeves <sten@debian.org>
Date:   Sat Jun 28 12:47:03 2025 -0400

    generate and edit Lee Garrett's changelog entries

commit 5ca5db457f614e78c7d62f24ba542b2926a96e77
Author: Nicholas D Steeves <sten@debian.org>
Date:   Wed Jun 18 15:05:45 2025 -0400

    Additionally enable autopkgtest-pkg-python (see Debian Python Team for…
    
    why one should use both).

commit 5a389ac6bde939757c74fb554b248276ae915f7a
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Mon Jun 16 00:15:05 2025 +0300

    Add unit tests to autopkgtest

commit a3237702934268832eb4f419db9a603a9616f25e
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Mon Jun 16 23:24:35 2025 +0300

    Update metadata (Vcs-Git/gbp.conf) to point to trixie branch

commit 6d712442e6b56c8578262531821a25949e9935f9
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Fri Jun 13 15:39:13 2025 +0200

    Typo fix

commit 6d76f98aeac26984c51781899629dbf5615c6129
Author: Lee Garrett <lgarrett@rocketjump.eu>
Date:   Fri Jun 13 15:36:20 2025 +0200

    Add myself to uploaders

commit 710d7305771083fa2649f2e888fddcbd51dcde6a
Author: Nicholas D Steeves <sten@debian.org>
Date:   Sun Jun 15 15:18:10 2025 -0400

    Git shortlog of Debian-facing upstream changes between upstream's…
    
    1.4.0 and 1.4.1, (for trixie unblock):

commit 4aeabb70f53865d6a69c4d81767f4d482501308e
Author: Nicholas D Steeves <sten@debian.org>
Date:   Sun Jun 15 15:16:45 2025 -0400

    Update debian/NEWS: Upstream introduced less alarming and easier to…
    
    follow migration instructions in 1.2.8, and this is their officially
    supported procedure.

Created: 2025-06-29 Last update: 2025-06-29 09:04

debian/patches: 3 patches to forward upstream low

Among the 3 debian patches available in version 1.4.1-3 of the package, we noticed the following issues:

3 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-06-29 16:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2024-10-08 Last update: 2024-10-08 18:00

No known security issue in bookworm wishlist

There is 1 open security issue in bookworm.

1 ignored issue:

CVE-2023-36811: borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to: 1. insert files (with no additional headers) into backups and 2. gain write access to the repository. This vulnerability does not disclose plaintext to the attacker, nor does it affect the authenticity of existing archives. Creating plausible fake archives may be feasible for empty or small archives, but is unlikely for large archives. The issue has been fixed in borgbackup 1.2.5. Users are advised to upgrade. Additionally to installing the fixed code, users must follow the upgrade procedure as documented in the change log. Data loss after being attacked can be avoided by reviewing the archives (timestamp and contents valid and as expected) after any "borg check --repair" and before "borg prune". There are no known workarounds for this vulnerability.

Created: 2023-08-31 Last update: 2025-06-29 11:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).

Created: 2025-02-21 Last update: 2025-06-29 09:52

testing migrations

excuses:
- Migration status for borgbackup (1.4.0-5 to 1.4.1-3): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ autopkgtest for borgbackup/1.4.1-3: amd64: Pass, arm64: Regression or new test ♻ (reference ♻), armel: Regression or new test ♻ (reference ♻), armhf: Regression or new test ♻ (reference ♻), i386: Regression or new test ♻ (reference ♻), ppc64el: Regression or new test ♻ (reference ♻), riscv64: Regression or new test ♻ (reference ♻), s390x: Regression or new test ♻ (reference ♻)
- ∙ ∙ blocked by freeze: is a key package (Follow the freeze policy when applying for an unblock)
- ∙ ∙ Too young, only 6 of 20 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/b/borgbackup.html
- ∙ ∙ Reproducible on amd64 - info ♻
- ∙ ∙ Reproducible on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- Not considered

news

[rss feed]

[2025-06-29] Accepted borgbackup 1.4.1-3 (source) into unstable (Nicholas D Steeves)
[2025-06-18] Accepted borgbackup 1.4.1-3~exp1 (source) into experimental (Nicholas D Steeves)
[2025-05-10] Accepted borgbackup 1.4.1-2 (source) into unstable (Gianfranco Costamagna)
[2025-05-10] Accepted borgbackup 1.4.1-1 (source) into unstable (Gianfranco Costamagna)
[2025-03-27] borgbackup 1.4.0-5 MIGRATED to testing (Debian testing watch)
[2025-03-25] Accepted borgbackup 1.4.0-5 (source) into unstable (Gianfranco Costamagna)
[2025-01-23] Accepted borgbackup 1.4.0-4~bpo12+1 (source) into stable-backports (Gianfranco Costamagna)
[2024-10-17] borgbackup 1.4.0-4 MIGRATED to testing (Debian testing watch)
[2024-10-15] Accepted borgbackup 1.4.0-4 (source) into unstable (Gianfranco Costamagna)
[2024-10-15] borgbackup 1.4.0-3 MIGRATED to testing (Debian testing watch)
[2024-10-12] Accepted borgbackup 1.4.0-3 (source) into unstable (Gianfranco Costamagna)
[2024-10-10] borgbackup 1.4.0-2 MIGRATED to testing (Debian testing watch)
[2024-10-08] Accepted borgbackup 1.4.0-2 (source) into unstable (Gianfranco Costamagna)
[2024-07-08] borgbackup 1.4.0-1 MIGRATED to testing (Debian testing watch)
[2024-07-04] Accepted borgbackup 1.4.0-1 (source) into unstable (Gianfranco Costamagna)
[2024-05-25] Accepted borgbackup 1.2.8-1~bpo12+1 (source) into stable-backports (Ian Campbell)
[2024-04-29] borgbackup 1.2.8-1 MIGRATED to testing (Debian testing watch)
[2024-04-29] borgbackup 1.2.8-1 MIGRATED to testing (Debian testing watch)
[2024-04-24] Accepted borgbackup 1.2.8-1 (source) into unstable (Gianfranco Costamagna)
[2024-01-17] Accepted borgbackup 1.2.7-2~bpo12+1 (source arm64 all) into stable-backports (Debian FTP Masters) (signed by: Chris Boot)
[2024-01-01] borgbackup 1.2.7-2 MIGRATED to testing (Debian testing watch)
[2023-12-29] Accepted borgbackup 1.2.7-2 (source) into unstable (Gianfranco Costamagna)
[2023-12-16] borgbackup 1.2.7-1 MIGRATED to testing (Debian testing watch)
[2023-12-03] Accepted borgbackup 1.2.7-1 (source) into unstable (Gianfranco Costamagna)
[2023-09-03] borgbackup 1.2.6-2 MIGRATED to testing (Debian testing watch)
[2023-09-01] Accepted borgbackup 1.2.6-2 (source) into unstable (Gianfranco Costamagna)
[2023-08-31] Accepted borgbackup 1.2.6-1 (source) into unstable (Gianfranco Costamagna)
[2023-08-31] Accepted borgbackup 1.2.5-4 (source) into unstable (Gianfranco Costamagna)
[2023-08-31] Accepted borgbackup 1.2.5-3 (source) into unstable (Gianfranco Costamagna)
[2023-08-30] Accepted borgbackup 1.2.5-2 (source) into unstable (Gianfranco Costamagna)

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 7)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.1-3