implement BORG_WORKAROUNDS=ignore_invalid_archive_tam, see #7791

author: Thomas Waldmann <tw@waldmann-edv.de> 2023-08-31 00:16:17 +0200
committer: Thomas Waldmann <tw@waldmann-edv.de> 2023-08-31 00:36:04 +0200
commit: d05d02f23849f4ec37feb158b3764b5291bf3fb0 (patch)
tree: 1cf07538a366399eb4164e100cafe21f4ff0cbad /docs/usage
parent: 7ab28487ceb633867c5763e86fc8d85472ef8e7e (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/usage/general/environment.rst.inc b/docs/usage/general/environment.rst.inc
index bdbf8c602..6b067f55d 100644
--- a/docs/usage/general/environment.rst.inc
+++ b/docs/usage/general/environment.rst.inc
@@ -116,6 +116,14 @@ General:
 
             Now you can init a fresh repo. Make sure you do not use the workaround any more.
 
+        ignore_invalid_archive_tam
+            Work around invalid archive TAMs created by borg < 1.2.5, see :issue:`7791`.
+
+            This workaround likely needs to get used only once when following the upgrade
+            instructions for CVE-2023-36811, see :ref:`archives_tam_vuln`.
+
+            In normal production operations, this workaround should never be used.
+
 Some automatic "answerers" (if set, they automatically answer confirmation questions):
     BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=no (or =yes)
         For "Warning: Attempting to access a previously unknown unencrypted repository"
author	Thomas Waldmann <tw@waldmann-edv.de>	2023-08-31 00:16:17 +0200
committer	Thomas Waldmann <tw@waldmann-edv.de>	2023-08-31 00:36:04 +0200
commit	d05d02f23849f4ec37feb158b3764b5291bf3fb0 (patch)
tree	1cf07538a366399eb4164e100cafe21f4ff0cbad /docs/usage
parent	7ab28487ceb633867c5763e86fc8d85472ef8e7e (diff)