Date: Mon, 26 Feb 2001 13:23:08 -0300
Subject: [CLA-2001:381] Conectiva Linux Security Announcement -
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : sudo
SUMMARY : Local buffer overflow
DATE : 2001-02-26 13:22:00
ID : CLA-2001:381
RELEASES : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gráficos, ecommerce, 5.1, 6.0
"sudo" is a program used to delegate superuser privileges to
ordinary users and only for specific commands. There is a buffer
overflow vulnerability in sudo which could be used by an attacker
to obtain higher privileges.
All sudo users should upgrade the package.
The problem was reported in sudo's bugzilla by
firstname.lastname@example.org and the author, Todd C. Miller, released an
Users of Conectiva Linux version 6.0 or higher may use apt to
perform upgrades of RPM packages:
- add the following line to /etc/apt/sources.list if it is not
there yet (you may also use linuxconf to do this):
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.