sudo (1.7.0-1ubuntu2.6) karmic-security; urgency=low
* SECURITY UPDATE: privilege escalation via -g when using group Runas_List
- pwutil.c, sudo.h: add user_in_group(), backported from upstream commits
48ca8c2eddf8, 72df368a8a0e and 6ebc55d4716b. This is intended to be used
only with check.c to fix CVE-2011-0010 instead of doing the refactoring.
Going forward, will need to look at this code also if a flaw is found in
this refactored code. If needed, the refactoring work is in 48ca8c2eddf8
and 6ebc55d4716b.
- check.c: prompt for password when the user is running sudo as himself
but as a different group. Based on fe8a94f96542.
- CVE-2011-0010
Date: Wed, 19 Jan 2011 10:46:05 -0600
Changed-By: Jamie Strandboge <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/karmic/+source/sudo/1.7.0-1ubuntu2.6
Format: 1.8
Date: Wed, 19 Jan 2011 10:46:05 -0600
Source: sudo
Binary: sudo sudo-ldap
Architecture: source
Version: 1.7.0-1ubuntu2.6
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Jamie Strandboge <[email protected]>
Description:
sudo - Provide limited super user privileges to specific users
sudo-ldap - Provide limited super user privileges to specific users
Changes:
sudo (1.7.0-1ubuntu2.6) karmic-security; urgency=low
.
* SECURITY UPDATE: privilege escalation via -g when using group Runas_List
- pwutil.c, sudo.h: add user_in_group(), backported from upstream commits
48ca8c2eddf8, 72df368a8a0e and 6ebc55d4716b. This is intended to be used
only with check.c to fix CVE-2011-0010 instead of doing the refactoring.
Going forward, will need to look at this code also if a flaw is found in
this refactored code. If needed, the refactoring work is in 48ca8c2eddf8
and 6ebc55d4716b.
- check.c: prompt for password when the user is running sudo as himself
but as a different group. Based on fe8a94f96542.
- CVE-2011-0010
Checksums-Sha1:
968202b78a8ee08ed8668abb93279ed3bbf6fa9c 1757 sudo_1.7.0-1ubuntu2.6.dsc
9c5f6aba2845fa9308b6081dcb2c3898bb40b49f 26877 sudo_1.7.0-1ubuntu2.6.diff.gz
Checksums-Sha256:
8fed3d27452d841a94445c4213fee5425e9b2736a1d3e54a8aec998488f7c87f 1757
sudo_1.7.0-1ubuntu2.6.dsc
3914634dff3c68f94082303340f7b7bef27b166ff493ad91256ff06830533a18 26877
sudo_1.7.0-1ubuntu2.6.diff.gz
Files:
41c6991abbfea6b7cbe6708ab07d2186 1757 admin optional sudo_1.7.0-1ubuntu2.6.dsc
0a131d32d3d6cb4810b95ba5421346b6 26877 admin optional
sudo_1.7.0-1ubuntu2.6.diff.gz
Original-Maintainer: Bdale Garbee <[email protected]>
--
Karmic-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/karmic-changes
