sudo 1.8.27-1+deb10u3 source package in Debian
Changelog
sudo (1.8.27-1+deb10u3) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* Sanity check size when converting the first record to TS_LOCKEXCL
* Heap-based buffer overflow (CVE-2021-3156)
- Reset valid_flags to MODE_NONINTERACTIVE for sudoedit
- Add sudoedit flag checks in plugin that are consistent with front-end
- Fix potential buffer overflow when unescaping backslashes in user_args
- Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL
- Don't assume that argv is allocated as a single flat buffer
-- Salvatore Bonaccorso <email address hidden> Wed, 20 Jan 2021 13:26:17 +0100
Upload details
- Uploaded by:
- Bdale Garbee
- Uploaded to:
- Buster
- Original maintainer:
- Bdale Garbee
- Architectures:
- any
- Section:
- admin
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Buster | release | main | admin |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| sudo_1.8.27-1+deb10u3.dsc | 2.1 KiB | fa25a83685cb69b0313e3f6c775c0f2a2878d77ab901d3c0778f17ce9d530cc1 |
| sudo_1.8.27.orig.tar.gz | 3.1 MiB | 7beb68b94471ef56d8a1036dbcdc09a7b58a949a68ffce48b83f837dd33e2ec0 |
| sudo_1.8.27-1+deb10u3.debian.tar.xz | 30.1 KiB | 9ed1562303725a5d307c637cca3dbb65020b308b082f714b2d86cb2848c26d14 |
No changes file available.
