Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 08 Nov 2022 00:19:30 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 267617] security/sudo: Update to 1.9.12p1
Message-ID:  <bug-267617-7788-j4hiOc7VK8@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-267617-7788@https.bugs.freebsd.org/bugzilla/>
References:  <bug-267617-7788@https.bugs.freebsd.org/bugzilla/>

next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D267617

--- Comment #5 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=3D3cd785707f9dc7b53396ecfd729d1fb=
a07c3ca04

commit 3cd785707f9dc7b53396ecfd729d1fba07c3ca04
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2022-11-08 00:16:07 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2022-11-08 00:18:23 +0000

    security/vuxml: Document sudo CVE-2022-43995

    Document a potential out-of-bounds write for passwords smaller than
    eight bytes when crypt() is used.

    PR:             267617
    Security:       CVE-2022-43995

 security/vuxml/vuln-2022.xml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

--=20
You are receiving this mail because:
You are on the CC list for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-267617-7788-j4hiOc7VK8>