Date: Mon, 30 Jan 2012 11:05:38 -0500 From: Wesley Shields <wxs@FreeBSD.org> To: Mike Tancsa <mike@sentex.net> Cc: ports@freebsd.org Subject: Re: Sudo security advisory Message-ID: <20120130160538.GA89327@atarininja.org> In-Reply-To: <4F26BDBC.5090003@sentex.net> References: <4F26BDBC.5090003@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 30, 2012 at 10:56:44AM -0500, Mike Tancsa wrote: > Hi, > > > http://www.gratisoft.us/sudo/alerts/sudo_debug.html > > >From the advisory, > > Successful exploitation of the bug will allow a user to run arbitrary > commands as root. > Exploitation of the bug does *not* require that the attacker be listed > in the sudoers file. As such, we strongly suggest that affected sites > upgrade from affected sudo versions as soon as possible. I was aware of this last night but was not planning on touching a computer until I'm officially off vacation tomorrow. However, I think I have enough time today to get the updated version in the tree along with a VuXML entry. Update your ports tree later tonight and hopefully it will be in there. -- WXS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120130160538.GA89327>