Skip to content
Commit 8f8bd813 authored by Cy Schubert's avatar Cy Schubert
Browse files

security/sudo: Update to 1.9.12p2

Major changes between sudo 1.9.12p2 and 1.9.12p1:

 * Fixed a compilation error on Linux/aarch64.  GitHub issue #197.

 * Fixed a potential crash introduced in the fix for GitHub issue #134.
   If a user's sudoers entry did not have any RunAs user's set,
   running "sudo -U otheruser -l" would dereference a NULL pointer.

 * Fixed a bug introduced in sudo 1.9.12 that could prevent sudo
   from creating a I/O files when the "iolog_file" sudoers setting
   contains six or more Xs.

 * Fixed CVE-2023-22809, a flaw in sudo's -e option (aka sudoedit)
   that coud allow a malicious user with sudoedit privileges to
   edit arbitrary files.

PR:		269030
Submitted by:	cy
Reported by:	cy
Approved by:	garga
MFH:		2023Q1
Security:	CVE-2023-22809
parent 76cbc2c0
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment