Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 2 articles for you...
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorysoftware updatedebian

Debian 11: DLA-3880-1 Critical: Amanda Privilege Escalation Issues

Multiple vulnerabilities have been fixed in the Amanda backup system. CVE-2022-37703 . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3880-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Adrian Bunk September 07, 2024 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : amanda Version : 1:3.5.1-7+deb11u1 CVE ID : CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 CVE-2023-30577 Debian Bug : 1021017 1029829 1055253 Multiple vulnerabilities have been fixed in the Amanda backup system. CVE-2022-37703 Directory existence disclosure CVE-2022-37704 Privilege escalation in rundump CVE-2022-37705 Privilege escalation in runtar CVE-2023-30577 Privilege escalation in runtar For Debian 11 bullseye, these problems have been fixed in version 1:3.5.1-7+deb11u1. We recommend that you upgrade your amanda packages. For the detailed security status of amanda please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/amanda Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Several security flaws addressed in Amanda backup solution for Debian LTS. Comprehensive details on advisories and patches included.. Amanda Security Advisory, Debian Linux Updates, Privilege Escalation Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 07, 2024 Critical Debian LTS
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycriticalprivilege escalation

Ubuntu 23.10: USN-6614-1 Critical: Amanda Escalation Attack

amanda could be used to escalate privilege if it was provided with specially crafted arguments.. ========================================================================== Ubuntu Security Notice USN-6614-1 January 30, 2024 amanda vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: amanda could be used to escalate privilege if it was provided with specially crafted arguments. Software Description: - amanda: Advanced Maryland Automatic Network Disk Archiver (Client) Details: It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10: amanda-client 1:3.5.1-11ubuntu0.23.10.1 Ubuntu 22.04 LTS: amanda-client 1:3.5.1-8ubuntu1.4 Ubuntu 20.04 LTS: amanda-client 1:3.5.1-2ubuntu0.4 Ubuntu 18.04 LTS (Available with Ubuntu Pro): amanda-client 1:3.5.1-1ubuntu0.3+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6614-1 CVE-2023-30577 Package Information: https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-8ubuntu1.4 . A significant blueprint flaw enables privilege elevation across various Ubuntu versions. Detailed update guidance is provided.. Amanda Privilege Escalation, Ubuntu Update, Security Notice. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 30, 2024 Critical Ubuntu
Banner 4 1028x280 1708121825 1771600306
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorysecurity updateinformation leak

Debian 10: DLA-3681-1 moderate: amanda privilege escalation and info leak

Multiple vulnerabilties have been found in Amanda,a backup system designed to archive many computers on a network to a single large-capacity tape drive. The vulnerabilties potentially allows local privilege escalation from the backup user to root or leak information . ------------------------------------------------------------------------- Debian LTS Advisory DLA-3681-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Tobias Frost December 03, 2023 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : amanda Version : 1:3.5.1-2+deb10u2 CVE ID : CVE-2022-37703 CVE-2022-37705 CVE-2023-30577 Debian Bug : 1021017 1029829 1055253 Multiple vulnerabilties have been found in Amanda,a backup system designed to archive many computers on a network to a single large-capacity tape drive. The vulnerabilties potentially allows local privilege escalation from the backup user to root or leak information whether a directory exists in the filesystem. CVE-2022-37703 In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. CVE-2022-37705 A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the arguments passed to tar binary. CVE-2023-30577 The SUID binary "runtar" can accept the possibly malicious GNU tar options if fed with some non-argument option starting with "--exclude" (say --exclude-vcs). The following option will be accepted as "good" and it could be an option passing some script/binary that would be executed with root permissions. For Debian 10 buster, these problems have been fixed in version 1:3.5.1-2+deb10u2. We recommend that you upgrade your amanda packages. For the detailed security status of amanda please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/amanda Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Multiple issues in Amanda can lead to privilege escalation and information leaks; urgent upgrade recommended.. Debian LTS Advisory, amanda backup security, privilege escalation issues, information leak vulnerabilities. . LinuxSecurity.com Team

Calendar 2 Dec 03, 2023 Debian LTS
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesecurity issue

Fedora 38: FEDORA-2023-4db1d56125 Moderate: Amanda Security Issue Fix

Update to new upstream version 3.5.4. This brings a fix for a security issue, CVE-2023-30577. This update also fixes the manual pages.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-4db1d56125 2023-08-05 01:37:28.394289 -------------------------------------------------------------------------------- Name : amanda Product : Fedora 38 Version : 3.5.4 Release : 3.fc38 URL : https://www.amanda.org/ Summary : A network-capable tape backup solution Description : AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a large number of workstations running multiple versions of Unix. Newer versions of AMANDA (including this version) can use SAMBA to back up Microsoft(TM) Windows95/NT hosts. The amanda package contains the core AMANDA programs and will need to be installed on both AMANDA clients and AMANDA servers. Note that you will have to install the amanda-client and/or amanda-server packages as well. -------------------------------------------------------------------------------- Update Information: Update to new upstream version 3.5.4. This brings a fix for a security issue, CVE-2023-30577. This update also fixes the manual pages. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 27 2023 Jason Tibbitts - 3.5.4-3 - Add sources. * Thu Jul 27 2023 Jason Tibbitts - 3.5.4-2 - Fix build of manpages * Thu Jul 27 2023 Jason Tibbitts - 3.5.4-1 - Update to 3.5.4 * Wed Jul 19 2023 Fedora Release Engineering - 3.5.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jul 11 2023 Jitka Plesnikova - 3.5.3-4 - Perl 5.38 rebuild * Tue May 2 2023 JosefRidky - 3.5.3-3 - move to SPDX license format * Fri Apr 14 2023 Florian Weimer - 3.5.3-2 - Port configure script to C99 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2208319 - Amanda was built without man pages https://bugzilla.redhat.com/show_bug.cgi?id=2208319 [ 2 ] Bug #2226890 - TRIAGE-CVE-2023-30577 amanda: Improper argument checking for runtar.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2226890 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-4db1d56125' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Upgrade to Fedora 38's amanda version 3.5.4, addressing CVE-2023-30577 and enhancing the man pages for clearer guidance.. Fedora Update, Amanda Backup, Security Update. . LinuxSecurity.com Team

Calendar 2 Aug 05, 2023 Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issueupdate

Fedora 37: 2023-566e354e4a Moderate: amanda Argument Checking Issue

Update to new upstream version 3.5.4. This brings a fix for a security issue, CVE-2023-30577. This update also fixes the manual pages.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-566e354e4a 2023-08-05 01:18:36.275568 -------------------------------------------------------------------------------- Name : amanda Product : Fedora 37 Version : 3.5.4 Release : 3.fc37 URL : https://www.amanda.org/ Summary : A network-capable tape backup solution Description : AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a large number of workstations running multiple versions of Unix. Newer versions of AMANDA (including this version) can use SAMBA to back up Microsoft(TM) Windows95/NT hosts. The amanda package contains the core AMANDA programs and will need to be installed on both AMANDA clients and AMANDA servers. Note that you will have to install the amanda-client and/or amanda-server packages as well. -------------------------------------------------------------------------------- Update Information: Update to new upstream version 3.5.4. This brings a fix for a security issue, CVE-2023-30577. This update also fixes the manual pages. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 27 2023 Jason Tibbitts - 3.5.4-3 - Add sources. * Thu Jul 27 2023 Jason Tibbitts - 3.5.4-2 - Fix build of manpages * Thu Jul 27 2023 Jason Tibbitts - 3.5.4-1 - Update to 3.5.4 * Wed Jul 19 2023 Fedora Release Engineering - 3.5.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jul 11 2023 Jitka Plesnikova - 3.5.3-4 - Perl 5.38 rebuild * Tue May 2 2023 JosefRidky - 3.5.3-3 - move to SPDX license format * Fri Apr 14 2023 Florian Weimer - 3.5.3-2 - Port configure script to C99 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2208319 - Amanda was built without man pages https://bugzilla.redhat.com/show_bug.cgi?id=2208319 [ 2 ] Bug #2226890 - TRIAGE-CVE-2023-30577 amanda: Improper argument checking for runtar.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2226890 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-566e354e4a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The latest Fedora 37 update addresses CVE-2023-30577 affecting amanda version 3.5.4, and also includes enhancements to manual pages for improved usability.. Fedora Security Update, Amanda Backup Solution, Security Fix, Fedora Advisory, Backup Software. . LinuxSecurity.com Team

Calendar 2 Aug 05, 2023 Fedora
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisoryprivilege escalationsecurity fix

Ubuntu 22.10 USN-5966-3 Moderate: Amanda Security Updates

Several security issues were fixed in amanda.. =========================================================================Ubuntu Security Notice USN-5966-3 April 03, 2023 amanda regression ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in amanda. Software Description: - amanda: Advanced Maryland Automatic Network Disk Archiver (Client) Details: USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This update provides security fixes for Ubuntu 22.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703) Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704) Maher Azzouzi discovered a privilege escalation vulnerability in the runtar binary within amanda. runtar is a suid binary owned by root that did not perform adequate sanitization of commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37705) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: amanda-client 1:3.5.1-9ubuntu0.3 Ubuntu 22.04 LTS: amanda-client 1:3.5.1-8ubuntu1.3 Ubuntu 20.04LTS: amanda-client 1:3.5.1-2ubuntu0.3 Ubuntu 18.04 LTS: amanda-client 1:3.5.1-1ubuntu0.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5966-3 https://ubuntu.com/security/notices/USN-5966-1 https://bugs.launchpad.net/ubuntu/+source/amanda/+bug/2012536 CVE-2022-37703, CVE-2022-37704, CVE-2022-37705 Package Information: https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-9ubuntu0.3 https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-8ubuntu1.3 https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-2ubuntu0.3 https://launchpad.net/ubuntu/+source/amanda/1:3.5.1-1ubuntu0.3 . Numerous patches have been applied to amanda across different Ubuntu iterations resolving critical vulnerabilities detected within the application.. amanda security, Ubuntu security updates, privilege escalation, information disclosure. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 03, 2023 Important Ubuntu
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoralocal privilege escalation

Fedora 37 Advisory: Update to Amanda 3.5.3 For Minor Security Threats

Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes. https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-e295804b3d 2023-04-02 02:00:15.070719 --------------------------------------------------------------------------------Name : amanda Product : Fedora 37 Version : 3.5.3 Release : 1.fc37 URL : https://www.amanda.org/ Summary : A network-capable tape backup solution Description : AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a large number of workstations running multiple versions of Unix. Newer versions of AMANDA (including this version) can use SAMBA to back up Microsoft(TM) Windows95/NT hosts. The amanda package contains the core AMANDA programs and will need to be installed on both AMANDA clients and AMANDA servers. Note that you will have to install the amanda-client and/or amanda-server packages as well. --------------------------------------------------------------------------------Update Information: Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes. https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3 --------------------------------------------------------------------------------ChangeLog: * Thu Mar 16 2023 Orion Poplawski - 3.5.3-1 - Update to 3.5.3 - Fixes CVE-2022-37703 (bz#2126849) CVE-2022-37704 (bz#2168789) CVE-2022-37705 (bz#2168797) * Wed Jan 18 2023 Fedora Release Engineering - 3.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Aug 30 2022 Orion Poplawski - 3.5.2-1 - Update to3.5.2 --------------------------------------------------------------------------------References: [ 1 ] Bug #2104645 - amanda bugfix for build/test issue and missing 1st char in error message https://bugzilla.redhat.com/show_bug.cgi?id=2104645 [ 2 ] Bug #2126849 - CVE-2022-37703 amanda: information leak (discovery of directory existence) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126849 [ 3 ] Bug #2168789 - CVE-2022-37704 amanda: rundump: local privilege escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2168789 [ 4 ] Bug #2168797 - CVE-2022-37705 amanda: crafted arguments to the runtar SUID binary leads to local privilege escalation to root [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2168797 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-e295804b3d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The latest update to Amanda 3.5.3 in Fedora 37 fixes small security vulnerabilities and improves overall backup functionality.. Fedora 37 Update, Amanda3.5.3, Security Patch, Backup Software. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 02, 2023 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderateupdate

Fedora 36: FEDORA-2023-1293196f34 Moderate Amanda Update

Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes. https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-1293196f34 2023-04-02 01:33:23.803433 --------------------------------------------------------------------------------Name : amanda Product : Fedora 36 Version : 3.5.3 Release : 1.fc36 URL : https://www.amanda.org/ Summary : A network-capable tape backup solution Description : AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a large number of workstations running multiple versions of Unix. Newer versions of AMANDA (including this version) can use SAMBA to back up Microsoft(TM) Windows95/NT hosts. The amanda package contains the core AMANDA programs and will need to be installed on both AMANDA clients and AMANDA servers. Note that you will have to install the amanda-client and/or amanda-server packages as well. --------------------------------------------------------------------------------Update Information: Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes. https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3 --------------------------------------------------------------------------------ChangeLog: * Thu Mar 16 2023 Orion Poplawski - 3.5.3-1 - Update to 3.5.3 - Fixes CVE-2022-37703 (bz#2126849) CVE-2022-37704 (bz#2168789) CVE-2022-37705 (bz#2168797) * Wed Jan 18 2023 Fedora Release Engineering - 3.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Tue Aug 30 2022 Orion Poplawski - 3.5.2-1 - Update to3.5.2 * Wed Jul 20 2022 Fedora Release Engineering - 3.5.1-37 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #2104645 - amanda bugfix for build/test issue and missing 1st char in error message https://bugzilla.redhat.com/show_bug.cgi?id=2104645 [ 2 ] Bug #2126849 - CVE-2022-37703 amanda: information leak (discovery of directory existence) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126849 [ 3 ] Bug #2168789 - CVE-2022-37704 amanda: rundump: local privilege escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2168789 [ 4 ] Bug #2168797 - CVE-2022-37705 amanda: crafted arguments to the runtar SUID binary leads to local privilege escalation to root [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2168797 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1293196f34' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 36 revampsamanda, now at version 3.5.3, tackling minor bugs and introducing improvements for backup reliability.. Fedora Update,Amanda Backup,Network Backup Solutions,System Updates,Security Fixes. . LinuxSecurity.com Team

Calendar 2 Apr 02, 2023 Fedora
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here