https://bugzilla.suse.com/show_bug.cgi?id=1181657
https://bugzilla.suse.com/show_bug.cgi?id=1181657#c1
Alexandros Toptsoglou changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|Incidents |Security
Version|unspecified |Current
Product|SUSE Security Incidents |openSUSE Tumbleweed
Target Milestone|--- |Current
QA Contact|security-team@suse.de |qa-bugs@suse.de
--- Comment #1 from Alexandros Toptsoglou ---
Patch at [1]. As far as I understand this issue facilitates the exploit of
Baron Samedit (aka CVE-2021-3156) in sudo versions 1.9.4 and on.
First all of our versions are patched against Baron Samedit and also only
Factory ships a version larger than 1.9.4.
While the issue itself is not known to be explotable, tt might a good idea to
patch our sudo in Factory till the next version upgrade.
[1] https://www.sudo.ws/repos/sudo/rev/e0d4f196ba02
--
You are receiving this mail because:
You are on the CC list for the bug.