Re: Sudo security advisory
On Mon, Jan 30, 2012 at 10:56:44AM -0500, Mike Tancsa wrote: > Hi, > > > http://www.gratisoft.us/sudo/alerts/sudo_debug.html > > >From the advisory, > > Successful exploitation of the bug will allow a user to run arbitrary > commands as root. > Exploitation of the bug does *not* require that the attacker be listed > in the sudoers file. As such, we strongly suggest that affected sites > upgrade from affected sudo versions as soon as possible. Turns out my son is taking a longer than usual nap, which gave me enough time to get the update in the tree and a VuXML entry in for it. Please wait for them to mirror out. If you have any untrusted users you really should update quickly. If there are any problems please let me know. -- WXS ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Sudo security advisory
On Mon, Jan 30, 2012 at 10:56:44AM -0500, Mike Tancsa wrote: > Hi, > > > http://www.gratisoft.us/sudo/alerts/sudo_debug.html > > >From the advisory, > > Successful exploitation of the bug will allow a user to run arbitrary > commands as root. > Exploitation of the bug does *not* require that the attacker be listed > in the sudoers file. As such, we strongly suggest that affected sites > upgrade from affected sudo versions as soon as possible. I was aware of this last night but was not planning on touching a computer until I'm officially off vacation tomorrow. However, I think I have enough time today to get the updated version in the tree along with a VuXML entry. Update your ports tree later tonight and hopefully it will be in there. -- WXS ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Sudo security advisory
Hi, http://www.gratisoft.us/sudo/alerts/sudo_debug.html >From the advisory, Successful exploitation of the bug will allow a user to run arbitrary commands as root. Exploitation of the bug does *not* require that the attacker be listed in the sudoers file. As such, we strongly suggest that affected sites upgrade from affected sudo versions as soon as possible. ---Mike -- --- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, m...@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"