UbuntuUpdates.org

Package "amanda"

Name: amanda

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Advanced Maryland Automatic Network Disk Archiver (Client)
  • Advanced Maryland Automatic Network Disk Archiver (Libs)
  • Advanced Maryland Automatic Network Disk Archiver (Server)

Latest version: 1:3.3.3-2ubuntu1.1+actuallyesm2
Release: trusty (14.04)
Level: security
Repository: universe

Links



Other versions of "amanda" in Trusty

Repository Area Version
base universe 1:3.3.3-2ubuntu1
updates universe 1:3.3.3-2ubuntu1.1+actuallyesm2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:3.3.3-2ubuntu1.1+actuallyesm2 2023-03-24 07:06:46 UTC

  amanda (1:3.3.3-2ubuntu1.1+actuallyesm2) trusty-security; urgency=medium

  * SECURITY REGRESSION: Remove all patches from version 1:3.3.3-2ubuntu1.1
    restoring the package to the state of 1:3.3.3-2ubuntu1. (LP: #2012536)

 -- David Lane <email address hidden> Fri, 24 Mar 2023 12:33:20 +1100

Source diff to previous version
2012536 All GNUTAR-based backups fail after the package update to1:3.5.1-8ubuntu1.1

Version: 1:3.3.3-2ubuntu1.1 2023-03-21 10:06:54 UTC

  amanda (1:3.3.3-2ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: information leak calcsize SUID binary
    - d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially
      privileged information
    - CVE-2022-37703
  * SECURITY UPDATE: privilege escalation via rundump SUID binary
    - d/p/50-fix-CVE-2022-37704: add option validation
    - d/p/52-fix-CVE-2022-37704_part_2-backport: filter RSH env variable
    - CVE-2022-37704
  * SECURITY UPDATE: privilege escalation via runtar SUID binary
    - d/p/48-fix-CVE-2022-37705-backport: fix option parsing
    - CVE-2022-37705

 -- David Lane <email address hidden> Thu, 16 Mar 2023 13:18:40 +1100

CVE-2022-37703 In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a direc



About   -   Send Feedback to @ubuntu_updates