[ubuntu/bionic-updates] amanda 1:3.5.1-1ubuntu0.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Apr 3 02:28:28 UTC 2023
amanda (1:3.5.1-1ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: information leak calcsize SUID binary
- d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially
privileged information
- CVE-2022-37703
* SECURITY UPDATE: privilege escalation via rundump SUID binary
- d/p/50-fix-CVE-2022-37704: add option validation
- d/p/52-fix-CVE-2022-37704_part_2: filter RSH environment variable
- CVE-2022-37704
* SECURITY UPDATE: privilege escalation via runtar SUID binary
- d/p/48-fix-CVE-2022-37705: fix option parsing
- d/p/49-fix-CVE-2022-37705_part_2: amendment to above patch
- CVE-2022-37705
Date: 2023-04-02 10:38:08.890639+00:00
Changed-By: David Lane <david.lane at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-1ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list