File _patchinfo of Package patchinfo.6525
<patchinfo incident="6525">
  <issue id="1026729" tracker="bnc">VUL-1: xtrabackup: database credentials shown in process list when passed as command line arguments</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>AndreasStieger</packager>
  <description>This update to xtrabackup 2.3.7 fixes one security issue and bugs.

The following security issue was fixed:

- innobackupex and xtrabackup scripts were showing the password in the ps output when it was passed as a command line argument (boo#1026729)

The following functionality was added:

- new --remove-original option for removing the original encrypted and compressed files
- now supports -H, -h, -u and -p shortcuts for --hostname, --datadir, --user and --password respectively

The following bugs were fixed:

- Pick up username from user's configuration file correctly
- Incremental backups did not include xtrabackup_binlog_info and xtrabackup_galera_info files
- --move-back option did not always restore out-of-datadir tablespaces to their original directories
- Incremental backup would fail with a path like ~/backup/inc_1
</description>
  <summary>Security update for xtrabackup</summary>
</patchinfo>