Package: sudo
Version: 1.6.8p7-1.3
Severity: critical
Justification: breaks unrelated software
This version of sudo is practically unuseable because all environment
variables are removed. Try the following in 1.6.8p7-1.2 and
1.6.8p7-1.3:
sudo env
You'll quickly notice that none of the user
After reviewing the patch differences between 1.2 and 1.3 I can see why
it's broken. Looks like [EMAIL PROTECTED] submitted a half-done
security patch.
His end goal of making sudo require users to white-list environment
variables rather than black-list them may have merit or it may not. It
2 matches
Mail list logo
