-=| Jose M Calhariz, 02.02.2023 19:20:23 +0000 |=- > This is my first security update, can I ask what is the procedure or > where is documented?
https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#bug-security-building https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#bug-security -- Damyan > On January 28, 2023 12:59:09 PM GMT+00:00, Salvatore Bonaccorso > <car...@debian.org> wrote: > > Source: amanda > Version: 1:3.5.1-9 > Severity: grave > Tags: security upstream > Justification: user security hole > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > > Hi, > > The following vulnerabilities were published for amanda. > > CVE-2022-37704[0], CVE-2022-37705[1]. > > If you fix the vulnerabilities please also make sure to include the > CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2022-37704 > https://www.cve.org/CVERecord?id=CVE-2022-37704 > [1] https://security-tracker.debian.org/tracker/CVE-2022-37705 > https://www.cve.org/CVERecord?id=CVE-2022-37705 > [2] https://github.com/zmanda/amanda/issues/192 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore >