Package: btrbk
Version: 0.32.4-1
Severity: minor

I have been using btrbk for centralised backups of many remote
machines for a long time.

The latest release of btrbk changes the 'readlink' command sent
to remote machines. Previously it seems the command was:

readlink -v -e /mnt/a/b

Now it is:

readlink -v -e '/mnt/a/b'

The addition of the single quotes breaks the checks in
some, but not all, older versions of
/usr/share/btrbk/scripts/ssh_filter_btrbk.sh.

I assume the quotes are for a good reason, so I think a NEWS
message should be added to warn installers that this security
change will not interoperate with some (but not all) older releases.

It appears that a workaround is to copy the new version of
/usr/share/btrbk/scripts/ssh_filter_btrbk.sh to the same place in
any affected remote systems, if they cannot be upgraded to
the new release.

NOTE: I have not attempted to exhaustively test that the latest
ssh_filter_btrbk.sh works completely on the old systems. But it
does fix the problem at least for interoperation between btrbk 0.32.4-1
and btrbk 0.31.3-1.


-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (900, 'testing')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.18.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_IE.utf8, LC_CTYPE=en_IE.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_IE.utf8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages btrbk depends on:
ii  btrfs-progs  5.18.1-1
ii  perl         5.34.0-5

Versions of packages btrbk recommends:
ii  mbuffer         20220418+ds1-1
ii  openssh-client  1:9.0p1-1+b1

Versions of packages btrbk suggests:
ii  openssl  3.0.4-2
ii  python3  3.10.4-1+b1

-- no debconf information
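
The failure mode described in this report, as an added example that is not code from btrbk or from the reporter: a simplified model of an SSH forced-command allowlist that accepts only the unquoted readlink form, next to a quote-aware variant. The function names and matching rules are assumptions made for illustration and are not the logic of ssh_filter_btrbk.sh.

```shell
#!/bin/sh
# Simplified allowlist model (constructed; NOT the real ssh_filter_btrbk.sh logic).

# Accept only absolute paths built from a conservative character set.
# A production filter would also restrict the path to permitted directories.
is_safe_path() {
    case "$1" in
        /*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        *[!A-Za-z0-9_./-]*) return 1 ;;
    esac
    return 0
}

# Older-style check: the argument must be a bare, unquoted path.
filter_unquoted_only() {
    case "$1" in
        "readlink -v -e "*) is_safe_path "${1#"readlink -v -e "}" ;;
        *) return 1 ;;
    esac
}

# Quote-aware check: strip exactly one surrounding pair of single quotes,
# then validate what is left. Any quote remaining inside is rejected.
filter_quote_aware() {
    arg=${1#"readlink -v -e "}
    [ "$arg" != "$1" ] || return 1
    case "$arg" in
        "'"*"'") arg=${arg#"'"}; arg=${arg%"'"} ;;
    esac
    is_safe_path "$arg"
}

# Constructed sample commands, as a client might send them over SSH.
for cmd in "readlink -v -e /mnt/a/b" \
           "readlink -v -e '/mnt/a/b'" \
           "readlink -v -e '/mnt/a/b'; id"; do
    for f in filter_unquoted_only filter_quote_aware; do
        if "$f" "$cmd"; then verdict=accept; else verdict=reject; fi
        printf '%-21s %-7s %s\n' "$f" "$verdict" "$cmd"
    done
done
```

Both variants fail closed: the older-style check rejects the quoted form outright, which is the interoperability break reported here, while trailing shell metacharacters are rejected by either filter.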
