[ubuntu/jammy-updates] amanda 1:3.5.1-8ubuntu1.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Mar 21 09:58:13 UTC 2023
amanda (1:3.5.1-8ubuntu1.1) jammy-security; urgency=medium
* SECURITY UPDATE: information leak calcsize SUID binary
- d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially
privileged information
- CVE-2022-37703
* SECURITY UPDATE: privilege escalation via rundump SUID binary
- d/p/50-fix-CVE-2022-37704: add option validation
- d/p/52-fix-CVE-2022-37704_part_2: filter RSH environment variable
- CVE-2022-37704
* SECURITY UPDATE: privilege escalation via runtar SUID binary
- d/p/48-fix-CVE-2022-37705: fix option parsing
- CVE-2022-37705
Date: 2023-03-19 23:29:08.696453+00:00
Changed-By: David Lane <david.lane at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-8ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list