Dear customers, partners and users!
We’ve just released Bareos 23.0.3 with a security response to CVE-2023-4807 and others, a premiere of aarch64 Universal Linux Client, support for FreeBSD 14, improvements for VMware as well as several bugfixes.
Security assessment and response to CVE-2023-4807, CVE-2022-4450, CVE-2022-4304 and CVE-2022-0778:
Windows packages for Bareos versions 23.0.3, 22.1.5 and 21.1.10 contain an updated version of OpenSSL. We encourage all users of the Windows version of Bareos to upgrade to these patched versions. As workaround set CPU-flags to disable usage of AVX512 instructions. Complete details are explained here.
We are premiering our official aarch64 Universal Linux Client. We are looking forward to hearing your feedback!
The VMware plugin can now backup and restore NVRAM data of VM’s.
Python-bareos will automatically use the integrated TLS-PSK starting with Python 3.13.
All maintenance releases are available for download in the repositories for subscription customers. As always, the source code is available in our GitHub repository . The details are available in our changelog.
We recommend to update to most current version of Bareos Software.
On behalf of the Bareos team best regards,
Frank