This update for backintime to version 1.1.20 fixes several issues.
These security issues were fixed:
- CVE-2017-7572: The _checkPolkitPrivilege function in serviceHelper.py in backintime used a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use) (bsc#1032717).
- Don't store passwords given to polkit helper
- boo#1007723: General security hardening measures
These non-security issues were fixed:
- Delete udev configuration files on uninstall
- Merge doc subpackage into main package
- Submitted by Tejas Guruswamy (MasterPatricko)