An update for amanda is now available for HCE 2.0

HCE2-SA-2023-0121 An update for amanda is now available for HCE 2.0 Moderate HCE 2.0 Security Fix(es): A flaw was found in Amanda. The rundump SUID binary executes /usr/sbin/dump as root without properly validating its arguments, possibly leading to escalation of privileges from the regular user "amandabackup" to root. (CVE-2022-37704) A flaw was found in Amanda. The runtar SUID binary executes /usr/bin/tar as root without properly validating its arguments, possibly leading to escalation of privileges from the regular user "amandabackup" to root. (CVE-2022-37705) HCE 2.0 amanda-3.5.1-21.hce2.aarch64.rpm amanda-help-3.5.1-21.hce2.noarch.rpm amanda-3.5.1-21.hce2.x86_64.rpm