Package: sudo / 1.8.5p2-1+nmu3+deb7u1
Metadata
Package | Version | Patches format |
---|---|---|
sudo | 1.8.5p2-1+nmu3+deb7u1 | 3.0 (quilt) |
Patch series
Patch | File delta | Description |
---|---|---|
typo in classic insults.diff | plugins/sudoers/ins_classic.h: 2 (1 +, 1 -, 0 !) | |
paths in samples.diff | doc/sample.sudoers: 10 (5 +, 5 -, 0 !) | |
actually use buildflags.diff | common/Makefile.in: 5 (4 +, 1 -, 0 !) | |
cve 2013 1775.patch | plugins/sudoers/check.c: 53 (28 +, 25 -, 0 !) | |
cve 2013 1776.patch | plugins/sudoers/check.c: 4 (3 +, 1 -, 0 !) | |
CVE 2014 9680 1.patch | aclocal.m4: 20 (20 +, 0 -, 0 !) | CVE-2014-9680: unsafe handling of TZ environment variable. The TZ environment variable was passed through unchecked. Most libc tzset() implementations support passing an absolute pathname in the time zone to point to an arbitrary, user-controlled file. This may be used to exploit bugs in the C library's TZ parser or open files the user would not otherwise have access to. Arbitrary file access via TZ could also be used in a denial of service attack by reading from a file or fifo that will block. |
CVE 2014 9680 2.patch | doc/sudoers.cat: 6 (3 +, 3 -, 0 !) | Document handling of leading ':' when checking TZ variable. Document that a leading ':' is skipped when checking TZ for a fully-qualified path name. |
CVE 2015 5602 1.patch | doc/sudo.pod: 8 (8 +, 0 -, 0 !) | CVE-2015-5602: sudoedit path restriction bypass using symlinks. Do not follow symbolic links in sudoedit by default. This behavior can be controlled by the sudoedit_follow Defaults flag as well as the FOLLOW/NOFOLLOW tags. |
CVE 2015 5602 1 generated.patch | doc/sudo.cat: 9 (8 +, 1 -, 0 !) | CVE-2015-5602: sudoedit path restriction bypass using symlinks. Files regenerated for changes in CVE-2015-5602-1.patch. Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707; Bug-Debian: https://bugs.debian.org/804149 |
CVE 2015 5602 2.patch | src/sudo_edit.c: 8 (5 +, 3 -, 0 !) | Change warning when user tries to sudoedit a symbolic link. |
CVE 2015 5602 2 generated.patch | src/po/sudo.pot: 79 (42 +, 37 -, 0 !) | Change warning when user tries to sudoedit a symbolic link. Files regenerated for changes in CVE-2015-5602-2.patch. Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707; Bug-Debian: https://bugs.debian.org/804149 |
CVE 2015 5602 3.patch | src/sudo_edit.c: 43 (34 +, 9 -, 0 !) | Open sudoedit files with O_NONBLOCK and fail if they are not regular files. |
CVE 2015 5602 4.patch | src/sudo_edit.c: 21 (2 +, 19 -, 0 !) | Remove S_ISREG check from sudo_edit_open(), it is already done in the caller. |
CVE 2015 5602 5.patch | configure.in: 2 (1 +, 1 -, 0 !) | CVE-2015-5602: add directory writability checks for sudoedit. |
CVE 2015 5602 5 generated.patch | config.h.in: 11 (11 +, 0 -, 0 !) | CVE-2015-5602: sudoedit path restriction bypass using symlinks. Files regenerated for changes in CVE-2015-5602-5.patch. Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707; Bug-Debian: https://bugs.debian.org/804149 |
CVE 2015 5602 6.patch | src/sudo_edit.c: 67 (37 +, 30 -, 0 !) | CVE-2015-5602: fix directory writability checks for sudoedit. Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707; Bug-Debian: https://bugs.debian.org/804149 |
CVE 2015 5602 7.patch | doc/sudoers.cat: 4 (2 +, 2 -, 0 !) | CVE-2015-5602: enable sudoedit directory writability checks by default. Bug: https://bugzilla.sudo.ws/show_bug.cgi?id=707; Bug-Debian: https://bugs.debian.org/804149 |