Package "amanda-common"

Name:	amanda-common
Description:	Advanced Maryland Automatic Network Disk Archiver (Libs)
Latest version:	1:3.5.1-8ubuntu1.4
Release:	jammy (22.04)
Level:	updates
Repository:	universe
Head package:	amanda
Homepage:	http://www.amanda.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "amanda-common"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "amanda-common" in Jammy

Repository	Area	Version
base	universe	1:3.5.1-8ubuntu1
security	universe	1:3.5.1-8ubuntu1.4

Changelog

Version: 1:3.5.1-8ubuntu1.4 2024-01-30 13:08:58 UTC

amanda (1:3.5.1-8ubuntu1.4) jammy-security; urgency=medium * SECURITY UPDATE: argument mishandling - debian/patches/57-CVE-2023-30577.patch: introduces checks in runtar.c to ensure that runtar binary is called only with expected arguments. - CVE-2023-30577 -- Jorge Sancho Larraz <email address hidden> Fri, 19 Jan 2024 13:54:35 +0100

Source diff to previous version

CVE-2023-30577

AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerab

Version: 1:3.5.1-8ubuntu1.3 2023-04-03 04:06:56 UTC

amanda (1:3.5.1-8ubuntu1.3) jammy-security; urgency=medium * SECURITY UPDATE: information leak calcsize SUID binary - d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially privileged information - CVE-2022-37703 * SECURITY UPDATE: privilege escalation via rundump SUID binary - d/p/50-fix-CVE-2022-37704: add option validation - d/p/52-fix-CVE-2022-37704_part_2: filter RSH environment variable - CVE-2022-37704 * SECURITY UPDATE: privilege escalation via runtar SUID binary - d/p/48-fix-CVE-2022-37705: fix option parsing - d/p/49-fix-CVE-2022-37705_part_2: amendment to above patch - CVE-2022-37705 -- David Lane <email address hidden> Tue, 28 Mar 2023 20:57:05 +1100

Source diff to previous version

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a direc

Version: 1:3.5.1-8ubuntu1.2 2023-03-23 17:06:55 UTC

amanda (1:3.5.1-8ubuntu1.2) jammy-security; urgency=medium * SECURITY REGRESSION: Remove all patches from version 1:3.5.1-8ubuntu1.1 getting the package back to the state of 1:3.5.1-8ubuntu1.1. Pending further investigation. (LP: #2012536) -- Eduardo Barretto <email address hidden> Thu, 23 Mar 2023 11:06:24 +0100

Source diff to previous version

2012536

All GNUTAR-based backups fail after the package update to1:3.5.1-8ubuntu1.1

Version: 1:3.5.1-8ubuntu1.1 2023-03-21 12:07:00 UTC

amanda (1:3.5.1-8ubuntu1.1) jammy-security; urgency=medium * SECURITY UPDATE: information leak calcsize SUID binary - d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially privileged information - CVE-2022-37703 * SECURITY UPDATE: privilege escalation via rundump SUID binary - d/p/50-fix-CVE-2022-37704: add option validation - d/p/52-fix-CVE-2022-37704_part_2: filter RSH environment variable - CVE-2022-37704 * SECURITY UPDATE: privilege escalation via runtar SUID binary - d/p/48-fix-CVE-2022-37705: fix option parsing - CVE-2022-37705 -- David Lane <email address hidden> Thu, 09 Mar 2023 15:48:59 +1100

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a direc

About - Send Feedback to @ubuntu_updates

Package "amanda-common"

Links

Download "amanda-common"

Other versions of "amanda-common" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates