-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Amanda development team has discovered a security vulnerability introduced in Amanda-3.1.2. The vulnerability affects both Amanda servers and clients, and could lead to remote execution of code as the Amanda user.
The problem is fixed in Amanda-3.1.3, which is released today. It is a patch release in the 3.1.x series, and contains the fix for this security vulnerability as well as fixes for several other significant bugs in 3.1.2. This upgrade should be considered a high priority upgrade. Updated images and tarballs are available at - http://www.amanda.org - https://sourceforge.net/project/showfiles.php?group_id=120 - http://www.zmanda.com/download-amanda.php A permanent copy of this alert is at - http://www.amanda.org/secalert-3-1-2.php The MD5 sum for the release tarball is f72fa06d4f90f7997b17ded1d7b4314e Dustin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyrazUACgkQdiVAPX8NFbFtLwCfW+Sb1MRoPTU9KSMaIud3Pai2 Ol0AoOKUknQQs20TqBImE231GzDKuUCN =oT6b -----END PGP SIGNATURE-----