Security update for amanda
This update for amanda fixes the following issues:
- CVE-2022-37704: fix privilege escalation via rundump (boo#1208033, gh#zmanda/amanda#195)
- CVE-2022-37705: fix privilege escalation via runtar suid binary (boo#1208032, gh#zmanda/amanda#194)
-
Submitted by
Daniel Garcia (dgarcia)
Fixed bugs
bnc#1208032
VUL-0: CVE-2022-37705: amanda: crafted arguments to the runtar SUID binary leads to local privilege escalation to root
bnc#1208033
VUL-0: CVE-2022-37704: amanda: rundump: local privilege escalation
