Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-28 Thread Gionatan Danti
On 2021-01-28 19:17 James Pearson wrote: I don't know of another way of testing if this build fixes the issue? According to Qualys blog, sudoedit -s '\' `perl -e 'print "A" x 65536'` should core-dump on vulnerable versions. I just tried on stock 6.10 and it core-dumps, indeed.

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-28 Thread James Pearson
Barry Brimer:
> I just installed this on a previously fully updated CentOS Linux 6 (x86_64) VM.
> The package installed fine, the sudo functionality still works but according to
> the test described in the qualys advisory of running "sudoedit -s /"
> (without quotes) this system is still

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-28 Thread Barry Brimer
I just installed this on a previously fully updated CentOS Linux 6 (x86_64) VM. The package installed fine, the sudo functionality still works but according to the test described in the qualys advisory of running "sudoedit -s /" (without quotes) this system is still vulnerable. My CentOS Linux

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-28 Thread James Pearson
Maxim Shpakov:
> You can use oracle linux 6 , it is still supported (till March 2021)

Looks like Oracle's el6 sudo update is now available: https://yum.oracle.com/repo/OracleLinux/OL6/latest/x86_64/getPackage/sudo-1.8.6p3-29.0.2.el6_10.3.x86_64.rpm

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread James Pearson
Christian Anthon:
> Centos-6 compatible packages are available from the official sudo
> webpage. It's a later version of sudo and I'm not sure if that will
> cause problems. I've tried installing it and so-far so-good.
>
> https://www.sudo.ws/download.html

One minor problem - if you have sudo

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread Christian Anthon
Centos-6 compatible packages are available from the official sudo webpage. It's a later version of sudo and I'm not sure if that will cause problems. I've tried installing it and so-far so-good.

https://www.sudo.ws/download.html

Cheers, Christian.

On 27/01/2021 08.38, Gionatan Danti wrote:

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread Maxim Shpakov
I think it is just not released yet. OL6 is on support track still

On Wed, 27 Jan 2021 at 12:33, Simon Matter wrote:
> > Hi
> >
> > You can use oracle linux 6 , it is still supported (till March 2021)
>
> But I don't find this sudo update or the recent openssl update in their
> repos? Is this

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread Gionatan Danti
On 2021-01-27 09:34 Walter H. wrote:
> is that what you expect to find?
> https://access.redhat.com/errata/RHSA-2021:0227

Yes, something similar... Thanks.

--
Danti Gionatan
Technical Support
Assyoma S.r.l. - www.assyoma.it
email: g.da...@assyoma.it - i...@assyoma.it
GPG public key ID:

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread Simon Matter
> Hi
>
> You can use oracle linux 6 , it is still supported (till March 2021)

But I don't find this sudo update or the recent openssl update in their repos? Is this for paying customers only or what?

Simon

> On Wed, 27 Jan 2021 at 09:38, Gionatan Danti wrote:
>
>> Hi all,
>> do you know if a

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread Maxim Shpakov
Hi

You can use oracle linux 6 , it is still supported (till March 2021)

On Wed, 27 Jan 2021 at 09:38, Gionatan Danti wrote:
> Hi all,
> do you know if a fix for sudo CVE-2021-3156 is available for CentOS 6?
>
> While CentOS 6 is not supported anymore, RedHat has it under its
> paid support

Re: [CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-27 Thread Walter H.
is that what you expect to find?

https://access.redhat.com/errata/RHSA-2021:0227

On 27.01.2021 08:38, Gionatan Danti wrote:
> Hi all,
> do you know if a fix for sudo CVE-2021-3156 is available for CentOS 6?
>
> While CentOS 6 is not supported anymore, RedHat has it under its paid support agreement

[CentOS] CentOS 6 fix sudo CVE-2021-3156

2021-01-26 Thread Gionatan Danti
Hi all,
do you know if a fix for sudo CVE-2021-3156 is available for CentOS 6?

While CentOS 6 is not supported anymore, RedHat has it under its paid support agreement (see: https://access.redhat.com/security/vulnerabilities/RHSB-2021-002). So I wonder if some community-packaged patch