Hi,
Proposed debdiff aiming for jessie is attached.
Regards,
Salvatore
diff -Nru sudo-1.8.10p3/debian/changelog sudo-1.8.10p3/debian/changelog
--- sudo-1.8.10p3/debian/changelog 2015-01-19 06:56:53.0 +0100
+++ sudo-1.8.10p3/debian/changelog 2015-02-18 17:55:25.0 +0100
Package: sudo
Version: 1.8.11p2-1
Tags: security
By default, sudo preserves the TZ variable[1] from user's environment,
without any sanitization. This is a bad idea on glibc systems, where you
can set TZ to an arbitrary file, which will then be read by tzset(3):
$ TZ=$PWD/tz sudo -u root
2 matches
Mail list logo
