[ubuntu/xenial-security] amanda 1:3.3.6-4.1ubuntu0.1 (Accepted)

David Lane Tue, 21 Mar 2023 00:19:23 -0700

amanda (1:3.3.6-4.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: information leak calcsize SUID binary
    - d/p/56-fix-CVE-2022-37703: remove perror call disclosing potentially
      privileged information
    - CVE-2022-37703
  * SECURITY UPDATE: privilege escalation via rundump SUID binary
    - d/p/50-fix-CVE-2022-37704: add option validation
    - d/p/52-fix-CVE-2022-37704_part_2-backport: filter RSH env variable
    - CVE-2022-37704
  * SECURITY UPDATE: privilege escalation via runtar SUID binary
    - d/p/48-fix-CVE-2022-37705-backport: fix option parsing
    - CVE-2022-37705


Date: 2023-03-19 23:23:13.386586+00:00
Changed-By: David Lane <david.l...@canonical.com>
https://launchpad.net/ubuntu/+source/amanda/1:3.3.6-4.1ubuntu0.1

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] amanda 1:3.3.6-4.1ubuntu0.1 (Accepted)

Reply via email to