sudo-1.8.6p3-29.3.0.1.AXS4
エラータID: AXSA:2021-1331:03
Release date:
Thursday, January 28, 2021 - 07:22
Subject:
sudo-1.8.6p3-29.3.0.1.AXS4
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
The sudo packages contain the sudo utility which allows system administrators to
provide certain users with the permission to execute privileged commands, which
are used for system management purposes, without having to log in as root.
Security Fix(es):
sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Solution:
Update packages.
CVEs:
CVE-2021-3156
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Additional Info:
N/A
Download:
SRPMS
- sudo-1.8.6p3-29.3.0.1.AXS4.src.rpm
MD5: a443bd83828381a0ef829a10d29881b8
SHA-256: de53b861e01b3a7f30b946f73f320c9671081ad2f81e4cd21e864909c63104bc
Size: 1.88 MB
Asianux Server 4 for x86
- sudo-1.8.6p3-29.3.0.1.AXS4.i686.rpm
MD5: f761d979f7f26762ca8f6a47c60bc9ea
SHA-256: f0385c47438e73dfab9697055c638f2f98a6624c6fdcd13eb521b11569e662a2
Size: 704.77 kB
Asianux Server 4 for x86_64
- sudo-1.8.6p3-29.3.0.1.AXS4.x86_64.rpm
MD5: 8ab2fa981c40f500de73cdb61b04ce9f
SHA-256: 832c65b5212f6b6ab8f090db811e4715231dcef45402afca7351fd7ba8da7779
Size: 711.49 kB