sudo-1.8.6p7-20.el7
エラータID: AXSA:2016-1113:02
リリース日:
2016/11/29 Tuesday - 08:50
題名:
sudo-1.8.6p7-20.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Low
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2016-7091 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-7091
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
追加情報:
N/A
ダウンロード:
SRPMS
- sudo-1.8.6p7-20.el7.src.rpm
MD5: eea67819b21f294c5f4e6fe8267e378c
SHA-256: 22ebfc8cfca643227dadfa417baa741756b105062fdfcb817129b3a4a7f2f105
Size: 1.96 MB
Asianux Server 7 for x86_64
- sudo-1.8.6p7-20.el7.x86_64.rpm
MD5: b848cc0a559eb2b851b4d7241ac6b578
SHA-256: 96e04dd83920b0421dd0f705b3469d47875f1c2fe93834426fef437f35729156
Size: 734.04 kB