Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: 2018:4121-1 Moderate Security Update for Amanda Software

suse
Calendar Grey December 14, 2018
Dist Suse Esm H88
SUSE has issued a security update addressing a moderate vulnerability in amanda for SLES 11-SP4. Learn more about the patch and its implications.
An update that fixes one vulnerability is now available

Summary

This update for amanda fixes the following issues: Security issue fixed: - CVE-2016-10729: Fixed a local privilege escalation from amanda to root via unsafe tar command options (bsc#1112916). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-amanda-13911=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-amanda-13911=1 Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): amanda-2.5.2.1-188.5.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): amanda-debuginfo-2.5.2.1-188.5.1

References

#1112916

Cross- CVE-2016-10729

Affected Products:

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2016-10729.html

https://bugzilla.suse.com/1112916

Announcement ID: SUSE-SU-2018:4121-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here