Re: sudo fix for SL6

2021-01-29 Thread Konstantin Olchanski
On Thu, Jan 28, 2021 at 11:28:04AM +, Rhys Morris wrote: > ... from the official sudo webpage Ok, looks like this is it. from sudo.sw, version 1.9.5p2 fixes CVE-2021-3156, download the el6 rpm file, install, looks okey. both 64-bit and 32-bit RPMs are available. [root@ladd00 ~]# rpm --upgrad

Re: sudo fix for SL6

2021-01-29 Thread Takashi Ichihara
On 2021/01/29 3:55, greg wrote: (After) [SL6]$ sudoedit -s / usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ... FWIW, according to https://urldefense.proofpoint.com/v2/url?u=ht

Re: sudo fix for SL6

2021-01-28 Thread greg
> (After) > > [SL6]$ sudoedit -s / > usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-D directory] [-g > group] [-h host] [-p prompt] > [-R directory] [-T timeout] [-u user] file ... FWIW, according to https://urldefense.proofpoint.com/v2/url?u=https-3A__www.sudo.ws_alert

Re: sudo fix for SL6

2021-01-28 Thread Takashi Ichihara
On 2021/01/28 20:28, Rhys Morris wrote: From the Centos list: Wed 27/01/2021 13:20 From Anton To: cen...@centos.org Centos-6 compatible packages are available from the official sudo webpage. It's a later version of sudo and I'm not sure if that will cause problems. I've tried installing it an

Re: sudo fix for SL6

2021-01-28 Thread Rhys Morris
>From the Centos list: Wed 27/01/2021 13:20 >From Anton To: cen...@centos.org Centos-6 compatible packages are available from the official sudo webpage. It's a later version of sudo and I'm not sure if that will cause problems. I've tried installing it and so-far so-good. https://urldefense.proo

Re: sudo fix for SL6

2021-01-27 Thread Götz Waschk
Am 28.01.21 um 00:02 schrieb Konstantin Olchanski: > sudo is broken, CVE-2021-3156. Fixed packages are out for el7, el8, ubuntu. > > There is a fixed package for RHEL6, sudo-1.8.6p3-29.el6_10.4.x86_64.rpm, see > https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_errata_RHSA-2D2

Re: sudo fix for SL6

2021-01-27 Thread Adam Mercer
On 1/27/21 4:02 PM, Konstantin Olchanski wrote: Now, any chance of fixed package for SL6? (just checked, no fix in CERN SLC6, no fix in EPEL). I was under the impression that SL6 went EOL in November 2020, so I imagine there won't be an update. Cheers Adam OpenPGP_0xAB075F2AA0101627.as

sudo fix for SL6

2021-01-27 Thread Konstantin Olchanski
sudo is broken, CVE-2021-3156. Fixed packages are out for el7, el8, ubuntu. There is a fixed package for RHEL6, sudo-1.8.6p3-29.el6_10.4.x86_64.rpm, see https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_errata_RHSA-2D2021-3A0227&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySV