Your message dated Thu, 14 Jan 2016 23:17:09 +0000
with message-id <[email protected]>
and subject line Bug#804149: fixed in sudo 1.8.10p3-1+deb8u3
has caused the Debian Bug report #804149,
regarding CVE-2015-5602: Unauthorized privilege escalation in sudoedit
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
804149: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804149
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sudo
Version: 1.7.4p4-2.squeeze.4
Severity: critical
Tags: upstream security
Justification: root security hole

Hi,

Apparently a security issue has been disclosed (CVE-2015-5602) allowing users
to open files with sudoedit that they are not supposed to, using symlinks,
see: https://www.exploit-db.com/exploits/37710/

Upstream has released a new fixed version by not following symlinks
by default.

But according to this comment[0], this is not fixing the issue
completely.

Cheers,

Laurent Bigonville

[0]
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1512781/comments/1

--- End Message ---
--- Begin Message ---
Source: sudo
Source-Version: 1.8.10p3-1+deb8u3

We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Hutchings <[email protected]> (supplier of updated sudo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Tue, 05 Jan 2016 19:37:34 +0000
Source: sudo
Binary: sudo sudo-ldap
Architecture: source
Version: 1.8.10p3-1+deb8u3
Distribution: jessie-security
Urgency: medium
Maintainer: Bdale Garbee <[email protected]>
Changed-By: Ben Hutchings <[email protected]>
Description:
 sudo       - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Closes: 804149
Changes:
 sudo (1.8.10p3-1+deb8u3) jessie-security; urgency=medium
 .
   * Non-maintainer upload
   * Disable editing of files via user-controllable symlinks
     (Closes: #804149) (CVE-2015-5602)
     - sudoedit path restriction bypass using symlinks
     - Change warning when user tries to sudoedit a symbolic link
     - Open sudoedit files with O_NONBLOCK and fail if they are not regular files
     - Remove S_ISREG check from sudo_edit_open(), it is already done in the
       caller
     - Add directory writability checks for sudoedit
     - Fix directory writability checks for sudoedit
     - Enable sudoedit directory writability checks by default
Checksums-Sha1:
 a78ae5edd23eab94de70c67b43814e950fd2548a 1999 sudo_1.8.10p3-1+deb8u3.dsc
 ed45b25da17c82e0d2cfed98cb4bfd45617c91d9 2262370 sudo_1.8.10p3.orig.tar.gz
 0f8cde331547cef187863b701d3dc133bf6c0c40 100872 sudo_1.8.10p3-1+deb8u3.debian.tar.xz
Checksums-Sha256:
 3b45c5c5ded8b9884302bf86d759e0997fccd386ee7003a90463c77a1d0ba9f2 1999 sudo_1.8.10p3-1+deb8u3.dsc
 6eda135fa68163108f1c24de6975de5ddb09d75730bb62d6390bda7b04345400 2262370 sudo_1.8.10p3.orig.tar.gz
 5b365f9ebec1a79a76aa6d72b83b14232abe493de106c38cb46504b896e6ed8c 100872 sudo_1.8.10p3-1+deb8u3.debian.tar.xz
Files:
 bdd0efc63d3b83294baa4a8e4e29781d 1999 admin optional sudo_1.8.10p3-1+deb8u3.dsc
 fcd8d0d9f9f0397d076ee901e242ed39 2262370 admin optional sudo_1.8.10p3.orig.tar.gz
 de8a725b548cffd954c6990f3f24becd 100872 admin optional sudo_1.8.10p3-1+deb8u3.debian.tar.xz


--- End Message ---
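As an added example (not code from the sudo project or from this bug report), a C sketch of the three mitigations the changelog above lists: refusing symlinks, opening with O_NONBLOCK and requiring a regular file, and refusing to edit in a directory the invoking user can write. The names (safe_edit_open, dir_writable_by, join, fixture_dir) and the fixture built under /tmp are constructed for the demo, and the writability check is a simplification that ignores ACLs and supplementary groups.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open a file for editing as the changelog describes: never follow a symlink,
 * open non-blocking, then insist on a regular file. Returns an fd, or -1. */
int safe_edit_open(const char *path)
{
    struct stat sb;
    int fd = open(path, O_RDWR | O_NOFOLLOW | O_NONBLOCK); /* ELOOP on symlink */
    if (fd != -1 && fstat(fd, &sb) == 0 && S_ISREG(sb.st_mode)) return fd;
    if (fd != -1) close(fd); /* a FIFO, device or directory was opened: refuse */
    return -1;
}

/* Simplified directory writability check (assumption: plain mode bits only, no
 * ACLs or supplementary groups). A directory the invoking user can write lets
 * them swap the target for a link, hence the default refusal. 1 = writable. */
int dir_writable_by(const char *dir, uid_t uid, gid_t gid)
{
    struct stat sb;
    if (stat(dir, &sb) == -1 || !S_ISDIR(sb.st_mode)) return 0;
    if (sb.st_uid == uid) return (sb.st_mode & S_IWUSR) != 0;
    if (sb.st_gid == gid) return (sb.st_mode & S_IWGRP) != 0;
    return (sb.st_mode & S_IWOTH) != 0;
}

/* Demo helper: join dir and name in a static buffer. */
const char *join(const char *dir, const char *name)
{
    static char p[256];
    snprintf(p, sizeof p, "%s/%s", dir, name);
    return p;
}

/* Constructed fixture: a private temp directory (mode 0700) holding a regular
 * file, a symlink to it and a FIFO. Built once and cached; NULL on failure. */
const char *fixture_dir(void)
{
    static char dir[64] = "";
    if (dir[0]) return dir;
    snprintf(dir, sizeof dir, "/tmp/sudoedit-demo-XXXXXX");
    if (mkdtemp(dir) == NULL) { dir[0] = 0; return NULL; }
    int fd = open(join(dir, "notes.txt"), O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd == -1) return NULL;
    close(fd);
    if (symlink("notes.txt", join(dir, "link")) == -1) return NULL;
    return mkfifo(join(dir, "pipe"), 0600) == 0 ? dir : NULL;
}
```

Against the fixture, only notes.txt opens; the symlink, the FIFO and the directory itself are refused, and the directory counts as writable for the creating user but not for any other uid/gid.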
