Date: Mon, 30 Jan 2012 11:50:46 -0500 From: Wesley Shields <wxs@FreeBSD.org> To: ports@freebsd.org Subject: Re: Sudo security advisory Message-ID: <20120130165046.GD89327@atarininja.org> In-Reply-To: <4F26BDBC.5090003@sentex.net> References: <4F26BDBC.5090003@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 30, 2012 at 10:56:44AM -0500, Mike Tancsa wrote: > Hi, > > > http://www.gratisoft.us/sudo/alerts/sudo_debug.html > > >From the advisory, > > Successful exploitation of the bug will allow a user to run arbitrary > commands as root. > Exploitation of the bug does *not* require that the attacker be listed > in the sudoers file. As such, we strongly suggest that affected sites > upgrade from affected sudo versions as soon as possible. Turns out my son is taking a longer than usual nap, which gave me enough time to get the update in the tree and a VuXML entry in for it. Please wait for them to mirror out. If you have any untrusted users you really should update quickly. If there are any problems please let me know. -- WXS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120130165046.GD89327>