Package: sudo-ldap Version: 1.9.5p2-3 Tags: patch Severity: normal Control: found -1 1.8.2-1
While looking into #783889 I noticed that the sudo binary shipped in sudo-ldap does not use setresuid. The changelog entry for 1.8.2-1 reads: "drop --disable-setresuid since modern systems should not run 2.2 kernels", but apparently only the first configure statement in d/rules was changed. Using a variable for common options should prevent such accidents in the future.
sudo-rules.diff.gz
Description: application/gzip