Your message dated Sun, 26 Feb 2023 18:49:12 +0000 with message-id <e1pwm5a-000uqu...@fasolo.debian.org> and subject line Bug#1029829: fixed in amanda 1:3.5.1-10 has caused the Debian Bug report #1029829, regarding amanda: CVE-2022-37704 CVE-2022-37705 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1029829: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029829 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: amanda Version: 1:3.5.1-9 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Hi, The following vulnerabilities were published for amanda. CVE-2022-37704[0], CVE-2022-37705[1]. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-37704 https://www.cve.org/CVERecord?id=CVE-2022-37704 [1] https://security-tracker.debian.org/tracker/CVE-2022-37705 https://www.cve.org/CVERecord?id=CVE-2022-37705 [2] https://github.com/zmanda/amanda/issues/192 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: amanda Source-Version: 1:3.5.1-10 Done: Jose M Calhariz <calha...@debian.org> We believe that the bug you reported is fixed in the latest version of amanda, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1029...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jose M Calhariz <calha...@debian.org> (supplier of updated amanda package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 26 Feb 2023 16:53:55 +0000 Source: amanda Architecture: source Version: 1:3.5.1-10 Distribution: unstable Urgency: medium Maintainer: Jose M Calhariz <calha...@debian.org> Changed-By: Jose M Calhariz <calha...@debian.org> Closes: 1029829 Changes: amanda (1:3.5.1-10) unstable; urgency=medium . * d/p/48-fix-CVE-2022-37705: Fix CVE-2022-37705. * d/p/50-fix-CVE-2022-37704: Partial fix for CVE-2022-37704 * d/p/52-fix-CVE-2022-37704_part_2: Partial fix for CVE-2022-37704, second vector (RSH). * d/p/56-fix-CVE-2022-37703: Fix CVE-2022-37703. * Bug fix: "CVE-2022-37704 CVE-2022-37705", thanks to Salvatore Bonaccorso (Closes: #1029829). Checksums-Sha1: dde22279416c5b13023876850695a5ac0ef47725 2216 amanda_3.5.1-10.dsc a4aecd17938f6ea15ec6f30914b33f31e23ee8b7 58692 amanda_3.5.1-10.debian.tar.xz 4f7d5c774231a61653c23ccadec710c91cb780b1 14911 amanda_3.5.1-10_source.buildinfo Checksums-Sha256: 0309c73957ede9d62399f7f0f81ebbe8ff43f607c2f982e3da76174fb6d224f8 2216 amanda_3.5.1-10.dsc d9a521df2a9fae544c09130889e9572f82f2e9e9e539dfeb77493a48feec8063 58692 amanda_3.5.1-10.debian.tar.xz 6d2acd27f1c69a0fdc42ad5ec5c4ead8a9d5cb828ba93d9e7ca4c780e580a4a3 14911 amanda_3.5.1-10_source.buildinfo Files: 0abb7789c98e4edf30f725f497a4ceb8 2216 utils optional amanda_3.5.1-10.dsc 258073075c62a2b95e633209acdcc74b 58692 utils optional amanda_3.5.1-10.debian.tar.xz f2fae77ddca211a80d46482b50399be1 14911 utils optional amanda_3.5.1-10_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERkvHzUOf7l6LQJigNIp3jWiF748FAmP7nvgACgkQNIp3jWiF 74/Aew//dzovD4YSTHQPcmtj5b5+Hd8AzJXownW4QeH7wJN7MUyRPRLxHU1gejEb rIpzfL2xpMEn//RxR0wUHyliZcstNjxA5SQSN+QwQf5wQ5wuxSSIN7oOZnEyHfWO eQHAYCz9Gm6AZ+5WnMfGT9wWbOq0SKwJw3UzjbJmZrdOOwMTY2jMKdlooOAVP/QR FA4O7yteiXw5qdA80CR2U92wXrd1B8BWF049pnGEcizpyyQCG7o+5pbKZeofk3Tg AUDYyGe0ACTutBKdxaLJAZdhbybN24QopIQWpXXoImBQ6eJpDTQaWvxm026QpuMR QFNRA+gqjATHOWWaA0mOdTkymJbyixq21JP5gCPERyMclUnoLgxHYmUXdGbv04Cy JiXTMNUohc1e1gHh+5K4kZIy6Uijx+NuKHxzKYaR+cs+zUiVQ7nqdxtIK77x3SwC AEXGCdZx/cdrQwWpTixT0t3npAyJJr89OnxZsU4AKnfCCDSBq9uuZBhf7e/Yryi3 vtljS77/qu6edd2f0mBU0FkOTo0bHvpdGC2H0Iw5/7mLy60zN4e9QBE/pXjURT4C kQR2VkN260SCRNX+m/EUofDEU7YwbUEPMRpBciL5Cj1FpUJz5b13OS9SWpW3Mx9L ipUjxR4kwvEaUL6QaLRglgdQlO2sZ709F73bPm9IfQ1E1ktI8pQ= =1WSa -----END PGP SIGNATURE-----
--- End Message ---
