| Package | regression |
|---|---|
| Version | 1:3.3.9-5+deb9u3 (stretch) |
A fix of CVE-2022-37704 for amanda, the Advanced Maryland Automatic Network Disk Archiver, has been found incomplete. This update fixes handling of RSH environment variables and uses a correct check for dump/xfsdump.
For Debian 9 stretch, these problems have been fixed in version 1:3.3.9-5+deb9u3.
We recommend that you upgrade your regression packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.