Todd C. Miller | 20 Feb 2010 14:43

sudo 1.7.2p3 released

Sudo version 1.7.2p3 is now available.  This is a bug fix release.

Download links:
    http://www.sudo.ws/sudo/dist/sudo-1.7.2p3.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.7.2p3.tar.gz

For a list of download mirror sites, see:
    http://www.sudo.ws/sudo/download.html

Sudo web site:
    http://www.sudo.ws/sudo/

Sudo web site mirrors:
    http://www.sudo.ws/sudo/mirrors.html

Major changes between sudo 1.7.2p2 and 1.7.2p3:

 * Fix printing of entries with multiple host entries on a single line.

 * Fix use after free when sending error messages via email.

 * Use setrlimit64(), if available, instead of setrlimit() when
   setting AIX resource limits since rlim_t is 32 bits.

 * Fix size arg when realloc()ing include stack.

 * Avoid a duplicate fclose() of the sudoers file.

Major changes between sudo 1.7.2p1 and 1.7.2p2:


Todd C. Miller | 25 Feb 2010 13:28

Privilege escalation bug with sudoedit

Sudo versions 1.7.2p4 and 1.6.9p21 are now available.  These releases
fix a privilege escalation bug in the sudoedit functionality.

Summary:
    A flaw exists in sudo's -e option (aka sudoedit) in sudo
    versions 1.6.9 through 1.7.2p3 that may give a user with
    permission to run sudoedit the ability to run arbitrary commands.

Sudo versions affected:
    1.6.9 through 1.7.2p3 inclusive.

Download links:
    http://www.sudo.ws/sudo/dist/sudo-1.7.2p4.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.7.2p4.tar.gz
    http://www.sudo.ws/sudo/dist/sudo-1.6.9p21.tar.gz
    ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.tar.gz

Details:
    When sudo performs its command matching, there is a special
    case for pseudo-commands in the sudoers file (currently, the
    only pseudo-command is sudoedit).  Unlike a regular command,
    pseudo-commands do not begin with a slash ('/').

    The flaw is that sudo's matching code would only check
    against the list of pseudo-commands if the user-specified command
    also contained no slashes.  As a result, if the user ran "sudo
    ./sudoedit" the normal matching code path was followed, which
    uses stat(2) to verify that the user-specified command matches
    the one in sudoers.  In this case, it would compare the
    "./sudoedit" specified by the user with "sudoedit" from the

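Added example (not part of the original announcement and not sudo's source code): a small C model of the check order described under "Details", with the flawed dispatch next to one possible hardened order. The function and enum names are hypothetical, match_fixed() is an assumption about how such a check can be ordered rather than the actual patch, and the stat(2) comparison itself is not performed.

```c
#include <stdio.h>
#include <string.h>

/* Outcome of command matching in this model (names are hypothetical). */
enum path { PATH_PSEUDO, PATH_STAT, PATH_DENY };

/* Per the advisory, sudoedit is the only pseudo-command. */
static int is_pseudo(const char *name)
{
    return strcmp(name, "sudoedit") == 0;
}

/* Flawed order: the pseudo-command check runs only when the user's
 * command contains no slash, so "./sudoedit" falls through to the
 * stat(2)-based comparison even against a "sudoedit" sudoers entry. */
enum path match_flawed(const char *user_cmnd, const char *sudoers_cmnd)
{
    if (strchr(user_cmnd, '/') == NULL)
        return (is_pseudo(user_cmnd) && strcmp(user_cmnd, sudoers_cmnd) == 0)
            ? PATH_PSEUDO : PATH_DENY;
    return PATH_STAT;
}

/* Assumed hardening: classify by the sudoers entry first. An entry that
 * does not begin with '/' is a pseudo-command and matches only the exact
 * same name; it never reaches the stat(2) path. */
enum path match_fixed(const char *user_cmnd, const char *sudoers_cmnd)
{
    if (sudoers_cmnd[0] != '/')
        return (is_pseudo(sudoers_cmnd) && strcmp(user_cmnd, sudoers_cmnd) == 0)
            ? PATH_PSEUDO : PATH_DENY;
    if (strchr(user_cmnd, '/') == NULL)
        return PATH_DENY;   /* pseudo-command request vs. regular entry */
    return PATH_STAT;
}

int main(void)
{
    /* Constructed inputs: {user-specified command, sudoers entry}. */
    static const char *const cases[][2] = {
        { "sudoedit", "sudoedit" }, { "./sudoedit", "sudoedit" },
        { "/bin/ls", "/bin/ls" },   { "sudoedit", "/bin/ls" },
    };
    static const char *const names[] = { "pseudo", "stat", "deny" };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("%-12s vs %-9s flawed=%-6s fixed=%s\n", cases[i][0], cases[i][1],
               names[match_flawed(cases[i][0], cases[i][1])],
               names[match_fixed(cases[i][0], cases[i][1])]);
    return 0;
}
```
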