[Buildroot] [PATCH] package/sudo: security bump to version 1.8.28
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Tue Oct 15 07:21:56 UTC 2019
On Tue, 15 Oct 2019 09:59:07 +0300
Baruch Siach <baruch at tkos.co.il> wrote:
> Fixes CVE-2019-14287: a sudo user may be able to run a command as root
> when the Runas specification explicitly disallows root access as long as
> the ALL keyword is listed first.
>
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> ---
> package/sudo/sudo.hash | 2 +-
> package/sudo/sudo.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list