git.openpandora.org / openembedded.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 124f2ee) | patch
sudo: upgrade to 1.6.8p12 due to CVE-2005-1993
authorMarcin Juszkiewicz <hrw@openembedded.org>
Tue, 22 Nov 2005 15:00:10 +0000 (15:00 +0000)
committerOpenEmbedded Project <openembedded-devel@lists.openembedded.org>
Tue, 22 Nov 2005 15:00:10 +0000 (15:00 +0000)
commit521f9e0029d97055d7cd8cade39924b76718ff41
tree1f883e62ae71d4d76b532ec9e205b5c104010bb5tree | snapshot
parent124f2ee8215b7570476a83168b1f57e1ea981c8dcommit | diff
sudo: upgrade to 1.6.8p12 due to CVE-2005-1993
- Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is
  used after a user entry in the sudoers file, allows local users to gain
  privileges via a symlink attack.
- Thanks to Jamie Lenehan for notice
- close #486
packages/sudo/sudo_1.6.8p12.bb [moved from packages/sudo/sudo_1.6.8p8.bb with 95% similarity] diff | blob | history
Clone of mainline OpenEmbedded repository