Package: sudo / 1.8.27-1+deb10u1

Metadata

Package Version Patches format
sudo 1.8.27-1+deb10u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
typo in classic insults.diff | (download)

plugins/sudoers/ins_classic.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
paths in samples.diff | (download)

examples/sudoers | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

---
Whitelist DPKG_COLORS environment variable.diff | (download)

plugins/sudoers/env.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 [patch] whitelist dpkg_colors environment variable


sudo_minus_1_uid.diff | (download)

lib/util/strtoid.c | 100 53 + 47 - 0 !
1 file changed, 53 insertions(+), 47 deletions(-)

 treat an id of -1 as invalid since that means "no change".
 Fixes CVE-2019-14287.
 Found by Joe Vennix from Apple Information Security.
strtoid_minus_1_test_fix.diff | (download)

lib/util/regress/atofoo/atofoo_test.c | 38 28 + 10 - 0 !
plugins/sudoers/regress/testsudoers/test5.out.ok | 2 1 + 1 - 0 !
plugins/sudoers/regress/testsudoers/test5.sh | 2 1 + 1 - 0 !
3 files changed, 30 insertions(+), 12 deletions(-)

 fix test failure in plugins/sudoers/regress/testsudoers/test5.sh
 Fix test failure after fix for CVE-2019-14287 .