borgbackup - Debian Package Tracker

general

source: borgbackup (main)
version: 1.4.3-1
maintainer: Debian Borg Collective (DMD)
uploaders: Gianfranco Costamagna [DMD] – Danny Edel [DMD] – Lee Garrett [DMD]
arch: all any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.16-3
oldstable: 1.2.4-1
old-bpo: 1.4.0-4~bpo12+1
stable: 1.4.0-5
testing: 1.4.3-1
unstable: 1.4.3-1

versioned links

1.1.16-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.0-4~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

borgbackup (4 bugs: 0, 4, 0, 0)
borgbackup-doc

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:30:07
Last run: 2025-12-07T18:56:01.000Z
Previous status: unknown

testing: fail (log)
The tests ran in 0:22:13
Last run: 2025-12-15T17:04:42.000Z
Previous status: unknown

stable: pass (log)
The tests ran in 0:02:28
Last run: 2025-11-08T16:13:46.000Z
Previous status: unknown

Created: 2025-11-08 Last update: 2025-12-19 11:30

lintian reports 1 error and 5 warnings high

Lintian reports 1 error and 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-11-09 Last update: 2025-12-08 00:02

2 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit acc2e1bff99e0981f5de4a413344a5999cbe9894
Merge: b016f3f5 baa976dd
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Thu Dec 11 22:09:02 2025 +0000

    Merge branch 'wip/bye-llfuse' into 'debian/latest'
    
    autopkgtest: remove Depends: python-llfuse (since it uses fuse2)
    
    See merge request debian/borgbackup!3

commit baa976dd282a09200345af2ce3dbbef87ed75778
Author: Jeremy Bícha <jbicha@debian.org>
Date:   Wed Dec 10 15:38:59 2025 -0500

    autopkgtest: remove Depends: python-llfuse (since it uses fuse2)

Created: 2025-12-12 Last update: 2025-12-17 16:19

debian/patches: 3 patches to forward upstream low

Among the 3 debian patches available in version 1.4.3-1 of the package, we noticed the following issues:

3 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-12-06 18:30

No known security issue in bookworm wishlist

There is 1 open security issue in bookworm.

1 ignored issue:

CVE-2023-36811: borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to: 1. insert files (with no additional headers) into backups and 2. gain write access to the repository. This vulnerability does not disclose plaintext to the attacker, nor does it affect the authenticity of existing archives. Creating plausible fake archives may be feasible for empty or small archives, but is unlikely for large archives. The issue has been fixed in borgbackup 1.2.5. Users are advised to upgrade. Additionally to installing the fixed code, users must follow the upgrade procedure as documented in the change log. Data loss after being attacked can be avoided by reviewing the archives (timestamp and contents valid and as expected) after any "borg check --repair" and before "borg prune". There are no known workarounds for this vulnerability.

Created: 2023-08-31 Last update: 2025-12-14 06:01

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).

Created: 2025-02-21 Last update: 2025-12-06 20:00

news

[rss feed]

[2025-12-14] borgbackup 1.4.3-1 MIGRATED to testing (Debian testing watch)
[2025-12-14] borgbackup 1.4.3-1 MIGRATED to testing (Debian testing watch)
[2025-12-06] Accepted borgbackup 1.4.3-1 (source) into unstable (Gianfranco Costamagna)
[2025-11-08] Accepted borgbackup 1.4.2-2 (source) into unstable (Gianfranco Costamagna)
[2025-11-07] Accepted borgbackup 1.4.2-1 (source) into unstable (Gianfranco Costamagna)
[2025-08-13] borgbackup 1.4.1-4 MIGRATED to testing (Debian testing watch)
[2025-07-09] Accepted borgbackup 1.4.1-4 (source) into unstable (Nicholas D Steeves)
[2025-06-29] Accepted borgbackup 1.4.1-3 (source) into unstable (Nicholas D Steeves)
[2025-06-18] Accepted borgbackup 1.4.1-3~exp1 (source) into experimental (Nicholas D Steeves)
[2025-05-10] Accepted borgbackup 1.4.1-2 (source) into unstable (Gianfranco Costamagna)
[2025-05-10] Accepted borgbackup 1.4.1-1 (source) into unstable (Gianfranco Costamagna)
[2025-03-27] borgbackup 1.4.0-5 MIGRATED to testing (Debian testing watch)
[2025-03-25] Accepted borgbackup 1.4.0-5 (source) into unstable (Gianfranco Costamagna)
[2025-01-23] Accepted borgbackup 1.4.0-4~bpo12+1 (source) into stable-backports (Gianfranco Costamagna)
[2024-10-17] borgbackup 1.4.0-4 MIGRATED to testing (Debian testing watch)
[2024-10-15] Accepted borgbackup 1.4.0-4 (source) into unstable (Gianfranco Costamagna)
[2024-10-15] borgbackup 1.4.0-3 MIGRATED to testing (Debian testing watch)
[2024-10-12] Accepted borgbackup 1.4.0-3 (source) into unstable (Gianfranco Costamagna)
[2024-10-10] borgbackup 1.4.0-2 MIGRATED to testing (Debian testing watch)
[2024-10-08] Accepted borgbackup 1.4.0-2 (source) into unstable (Gianfranco Costamagna)
[2024-07-08] borgbackup 1.4.0-1 MIGRATED to testing (Debian testing watch)
[2024-07-04] Accepted borgbackup 1.4.0-1 (source) into unstable (Gianfranco Costamagna)
[2024-05-25] Accepted borgbackup 1.2.8-1~bpo12+1 (source) into stable-backports (Ian Campbell)
[2024-04-29] borgbackup 1.2.8-1 MIGRATED to testing (Debian testing watch)
[2024-04-29] borgbackup 1.2.8-1 MIGRATED to testing (Debian testing watch)
[2024-04-24] Accepted borgbackup 1.2.8-1 (source) into unstable (Gianfranco Costamagna)
[2024-01-17] Accepted borgbackup 1.2.7-2~bpo12+1 (source arm64 all) into stable-backports (Debian FTP Masters) (signed by: Chris Boot)
[2024-01-01] borgbackup 1.2.7-2 MIGRATED to testing (Debian testing watch)
[2023-12-29] Accepted borgbackup 1.2.7-2 (source) into unstable (Gianfranco Costamagna)
[2023-12-16] borgbackup 1.2.7-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 7
RC: 1
I&N: 5
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (1, 5)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.3-1
1 bug