Source: sudo Version: 1.8.10p3-1 Severity: important Tags: patch upstream Hi
sudo 1.8.20p2 fixes an issue in parsing /proc/[pid]/stat when the process name contains a newline. The bug is not exploitable due to the changes in how /dev is traversed made in sudo 1.8.20p1 for CVE-2017-1000367. Still it is probably good to have it fixed in a point release as well for stable releases (or if accepted by the release team as well targetted for stretch). Announce: https://www.sudo.ws/pipermail/sudo-announce/2017-May/000155.html Regards, Salvatore