Your message dated Sun, 29 Sep 2024 12:32:09 +0000
with message-id <e1sut5t-006jy3...@fasolo.debian.org>
and subject line Bug#1081049: fixed in amanda 1:3.5.1-11+deb12u2
has caused the Debian Bug report #1081049,
regarding amanda: Another fix for the CVE-2022-37704 fix
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1081049: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081049
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: amanda-client
Version: 1:3.5.1-10
Severity: serious
Tags: patch
Forwarded:
https://github.com/zmanda/amanda/pull/205/commits/b930189c06290a23aba177687b2f123590323be1
"In the case of xfsdump(8), the check for dump(8) options was invoked
instead of the check for the xfsdump(8). This broke legitimate use of
xfsdump, while leaving the vulnerability open."
--- End Message ---
--- Begin Message ---
Source: amanda
Source-Version: 1:3.5.1-11+deb12u2
Done: Adrian Bunk <b...@debian.org>
We believe that the bug you reported is fixed in the latest version of
amanda, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1081...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Adrian Bunk <b...@debian.org> (supplier of updated amanda package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 18 Sep 2024 23:05:35 +0300
Source: amanda
Architecture: source
Version: 1:3.5.1-11+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: Jose M Calhariz <calha...@debian.org>
Changed-By: Adrian Bunk <b...@debian.org>
Closes: 1081049
Changes:
amanda (1:3.5.1-11+deb12u2) bookworm; urgency=medium
.
* Non-maintainer upload.
* The fix for CVE-2022-37704 was incomplete and also broke some
xfsdump usecases. (Closes: #1081049)
Checksums-Sha1:
a40785c40a32516440b338e70d53c6270836d585 2248 amanda_3.5.1-11+deb12u2.dsc
a92fa595ad525e3cc86565a81353220c146a0ac4 5239952 amanda_3.5.1.orig.tar.gz
7fee515f8f6ca31a27dc8cbfbadba964e467bdd2 60096
amanda_3.5.1-11+deb12u2.debian.tar.xz
Checksums-Sha256:
02f76777684d92eb71db8f4652534ef143678594499f5dc569ffe8836e5744ed 2248
amanda_3.5.1-11+deb12u2.dsc
6cb9a13fb7a09970d288ddb2c380e7165c5fe38b85bc761ca7ffe334bc5c534b 5239952
amanda_3.5.1.orig.tar.gz
206c9a52d2d458705274ada9d5cb78c07be9e7d9aa833d715b1a7fa6b33fad01 60096
amanda_3.5.1-11+deb12u2.debian.tar.xz
Files:
68e3b2ccde8eabc65cdf3225d6ed412b 2248 utils optional
amanda_3.5.1-11+deb12u2.dsc
a780f158cbbacfb017ce4a519120b772 5239952 utils optional
amanda_3.5.1.orig.tar.gz
2f5a5ff90a218639b1abad38f256c780 60096 utils optional
amanda_3.5.1-11+deb12u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmb4Nq0ACgkQiNJCh6LY
mLEPfxAAvkqepb2d0m5aKhZXqP8q2DehTckcKM0JLO5fZgkLwsXhQz5gOb8waMhc
y5TYPQGKIJNbgxT2ry6Or+Wv9SFj1QzcJP2TJsHblpTVzMrs84Q6hMwbb8zSTWPL
d+3ebIA4wtMQt3iQMM8orjfgCpNXYfAT//coY15m59R4cCW8uwtR3Rl00aRLW/3L
RpOGRpi+JbBzM5P79HSgyJOf8lzJ+yFcOtiyoxbUwIhR09MA4fpL4xxRupX3ulYX
CoOk8hiX46tPBXJpGO4exCCd5+c/3Knp3J6kLOUyOGae+IGzqXhSTV1mgdhYuieT
jliNcY2kuNZeXShQd2jlM3wRteXqGMuaE0ATaq/+kbnHQdWoYRtuW21YzOtr0PbK
neatShIGgrvW4b1ukf3y5xtWwz9BNqQLRg6O8d+kV9bxkh3mXJeMLmXtr39mdU9z
Ze8VJoYlCJ9p5vjECPJ3yajDIQs/rpt9irhIqaLj1ftxopLTfJoeZLEgE9IdnrdM
fWKtwmIiq+SrIL5g+DJLeWDt4QdgjPKYycLOWxYDLLFB59frPlcD3BJvhej5XWP7
JR5ZTpJDv03MOMq6dRnhDNG7UtGiCi/5YlYqCAwB2pxtIINhSWUoR8iRcEImkjRE
pVtZ5NkoHB5DkOMwjg73Xxb3b/ut0SlUvS0VvMhyiUatd/a7SGc=
=fhOw
-----END PGP SIGNATURE-----
pgpSsI1AWHQM9.pgp
Description: PGP signature
--- End Message ---
