View Full Version : [SECURITY ALERT] Vulnerability in Amanda-3.1.2 - Upgrade to 3.1.3

October 5th, 2010, 10:22 AM
The Amanda development team has discovered a security vulnerability introduced in Amanda-3.1.2. The vulnerability affects both Amanda servers and clients, and could lead to remote execution of code as the Amanda user.

The problem is fixed in Amanda-3.1.3, which is released today. It is a patch release in the 3.1.x series, and contains the fix for this security vulnerability as well as fixes for several other significant bugs in 3.1.2.

This upgrade should be considered a high priority upgrade.

Updated images and tarballs are available at

- http://www.amanda.org
- https://sourceforge.net/project/showfiles.php?group_id=120
- http://www.zmanda.com/download-amanda.php

A permanent copy of this alert is at

- http://www.amanda.org/secalert-3-1-2.php

The MD5 sum for the release tarball is