Change logs for amanda source package in Yakkety

  • amanda (1:3.3.9-1build1) yakkety; urgency=medium
    
      * No-change rebuild for readline soname change.
    
     -- Matthias Klose <email address hidden>  Sat, 17 Sep 2016 11:57:10 +0000
  • amanda (1:3.3.9-1) unstable; urgency=low
    
      * Imported Upstream version 3.3.9
        * Changes for 3.3.9
            * new --with-security-file configure option
              - It set the default security file
              - default to /etc/amanda-security.conf
          * security-fix
              - All previous release of amanda allow the 'amanda' user to execute
                any code as root, and to execute an interactive shell as root.
              - This is a security vulnerability if you do not trust the 'amanda'
                user.
              - There is no need to upgrade if you trust the 'amanda' user and the
                account is secure.
                  - good password
                  - secure xinetd.conf setting
                  - securae .amandahosts setting
              - The 'amanda' user can read all files in the machine, it is what a
                backup program do.
              - The set of fix disable the abilities to run unwanted code as root
                or to write file anywhere in the filesystem.
          * /etc/amanda-security.conf
              - A file that contains security setting.
              - It list all binaries amanda can execute as root
              - restore_by_amanda_user
                  - It tell if the 'amanda' user can do restore as root.
                  - It allow the 'amanda' user to write files anywhere in the
                    filesystem
              - see: man amanda-security.conf
          * amgtar/amstar/ambsdtar/runtar
              - Disable arguments that can fork program.
              - Verify the realpath (with symbolic link resolved) is in the
                amanda-security.conf file.
              - Verify the tar/star/bsdtar realpath program is secure
                  - owned by root and modifiable only by root.
              - On restore, check the restore_by_amanda_user setting if not run
                by root.
    
      * Fix to configure and build with future openssl v1.1, but fail to link.
      * Bump Standards-Version to 3.9.8, no changes needed.
      * New configuration file /etc/amanda-security.conf.
      * Update translations pt_BR (Closes: #816961) and tr (Closes: #759871).
      * Fix uri on Vcs-* fields.
      * Add missing description and author to patches.
      * Use set command to setup options of scripts.
      * Change to new style of rules.
      * Make amanda build reproducible (Closes: #830725).  Thank you Chris Lamb.
    
     -- Jose M Calhariz <email address hidden>  Sat, 13 Aug 2016 10:13:13 +0100
  • amanda (1:3.3.8-1) unstable; urgency=low
    
      * New Upstream version
        * Changes for 3.3.8
          * s3 devices
              New NEARLINE S3-STORAGE-CLASS for Google storage.
              New AWS4 STORAGE-API
          * amcryptsimple
              Works with newer gpg2.
          * amgtar
              Default SPARSE value is NO if tar < 1.28.
              Because a bug in tar with some filesystem.
          * amstar
              support include in backup mode.
          * ampgsql
              Add FULL-WAL property.
          * Many bugs fix.
        * Changes for 3.3.7p1
          * Fix build in 3.3.7
        * Changes for 3.3.7
          * amvault
              new --no-interactivity argument.
              new --src-labelstr argument.
          * amdump
              compute crc32 of the streams and write them to the debug files.
          * chg-robot
              Add a BROKEN-DRIVE-LOADED-SLOT property.
          * Many bugs fix.
      * Refreshed patches.
      * Dropped patches that were applied by the upstream: fix-misc-typos,
        automake-add-missing, fix-amcheck-M.patch,
        fix-device-src_rait-device.c, fix-amreport-perl_Amanda_Report_human.pm
      * Change the email of the maintainer.
      * "wrap-and-sort -at" all control files.
      * swig is a new build depend.
      * Bump standard version to 3.9.7, no changes needed.
      * Replace deprecated dependency perl5 by perl, (Closes: #808209), thank
        you Gregor Herrmann for the NMU.
      * Move flag -DAMANDATES_FILE from build time to configure time.
      * New patch fix-build-amcrc32chw to fix the build of amcr32chw.
      * New patch fix-amgtar-exclude to fix problem with corrupted backups
        with missing exclude files.
      * amanda-common: drop depends on perl and tar.
      * Bump debhelper compat mode to 9.
      * Rename *.lintian to *.lintian-overrides and start using dh_lintian.
      * Remove old depends and replaces on amanda-common.
      * Stop editing amanda-*.substvars.
    
     -- Jose M Calhariz <email address hidden>  Sun, 03 Apr 2016 20:57:58 +0100
  • amanda (1:3.3.6-4.1) unstable; urgency=medium
    
      * Non-maintainer upload with maintainer's permission.
      * Fix "Depends on virtual package "perl5" which will is gone with
        perl/5.22":
        debian/control: drop "perl5" / replace it with "perl" in Depends/Suggests.
        (Closes: #808209)
    
     -- gregor herrmann <email address hidden>  Tue, 29 Dec 2015 02:11:15 +0100