[ubuntu/eoan-proposed] sudo 1.8.27-1ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Oct 15 11:53:03 UTC 2019
sudo (1.8.27-1ubuntu4) eoan; urgency=medium
* SECURITY UPDATE: privilege escalation via UID -1
- debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid
in lib/util/strtoid.c.
- debian/patches/CVE-2019-14287-2.patch: fix and add to tests in
lib/util/regress/atofoo/atofoo_test.c,
plugins/sudoers/regress/testsudoers/test5.out.ok,
plugins/sudoers/regress/testsudoers/test5.sh.
- CVE-2019-14287
Date: Tue, 15 Oct 2019 07:09:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/sudo/1.8.27-1ubuntu4
-------------- next part --------------
Format: 1.8
Date: Tue, 15 Oct 2019 07:09:02 -0400
Source: sudo
Architecture: source
Version: 1.8.27-1ubuntu4
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
sudo (1.8.27-1ubuntu4) eoan; urgency=medium
.
* SECURITY UPDATE: privilege escalation via UID -1
- debian/patches/CVE-2019-14287.patch: treat an ID of -1 as invalid
in lib/util/strtoid.c.
- debian/patches/CVE-2019-14287-2.patch: fix and add to tests in
lib/util/regress/atofoo/atofoo_test.c,
plugins/sudoers/regress/testsudoers/test5.out.ok,
plugins/sudoers/regress/testsudoers/test5.sh.
- CVE-2019-14287
Checksums-Sha1:
1276836a6232bf9dc839df005e9321b5bafa5a05 2080 sudo_1.8.27-1ubuntu4.dsc
eef3d22b45cf92cb6884d38b8a98809067f8d922 32900 sudo_1.8.27-1ubuntu4.debian.tar.xz
02c9d3bc5872c15d90619acd2e9686fd733db3a3 6765 sudo_1.8.27-1ubuntu4_source.buildinfo
Checksums-Sha256:
765751e16b69c5adf318b7b05b06d59101a2cb5efa4020d9fc9a00ffe8d97aae 2080 sudo_1.8.27-1ubuntu4.dsc
a22b0b149a7ae089c7f53a7b78f0bc7ff52a45947a7613d981cfc314a89196ba 32900 sudo_1.8.27-1ubuntu4.debian.tar.xz
7e838b205f40a66a21b4b492b816c4628c8417a8ad98833b84bde3dae609ced9 6765 sudo_1.8.27-1ubuntu4_source.buildinfo
Files:
5363c1f572878f483f08ecb37525656b 2080 admin optional sudo_1.8.27-1ubuntu4.dsc
07c13fb24c77c26b6f6469390eaad582 32900 admin optional sudo_1.8.27-1ubuntu4.debian.tar.xz
f49638d38af5efbce7bf36afe83e0e8c 6765 admin optional sudo_1.8.27-1ubuntu4_source.buildinfo
Original-Maintainer: Bdale Garbee <bdale at gag.com>
More information about the Eoan-changes
mailing list