Package: sudo Version: 1.6.8p12-4 Severity: important Tags: security As described in http://www.securityfocus.com/bid/24287 sudo is vulnerable to an exploit where the executed command can be altered/replaced using ptrace(). (Permission in the /etc/sudoers file to run the altered command is still needed, but this vulnerability IMO has high security impact still.)
Sorry if it's a duplicate and I missed the first report. Best regards, norbi -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (700, 'stable'), (660, 'oldstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: LANG=C, LC_CTYPE=hu_HU (charmap=ISO-8859-2) Versions of packages sudo depends on: ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries ii libpam-modules 0.79-4 Pluggable Authentication Modules f ii libpam0g 0.79-4 Pluggable Authentication Modules l sudo recommends no packages. -- debconf-show failed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

