#9293: sudo-1.8.20p1
-------------------------+-----------------------
Reporter: bdubbs@… | Owner: bdubbs@…
Type: enhancement | Status: assigned
Priority: high | Milestone: 8.1
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Comment (by bdubbs@…):
What's new in Sudo 1.8.20p1
* Fixed "make check" when using OpenSSL or GNU crypt.
Bug #787.
* Fixed CVE-2017-1000367, a bug parsing /proc/pid/stat on Linux
when the process name contains spaces. Since the user has control
over the command name, this could potentially be used by a user
with sudo access to overwrite an arbitrary file on systems with
SELinux enabled. Also stop performing a breadth-first traversal
of /dev when looking for the device; only a hard-coded list of
directories are checked,
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/9293#comment:3>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
