* SECURITY UPDATE: security policy bypass when env_reset is disabled
- debian/patches/CVE-2014-0106.patch: fix logic inversion in
plugins/sudoers/env.c.
- CVE-2014-0106
* debian/sudo.sudo.init, debian/sudo-ldap.sudo.init: Set timestamps to
epoch in init scripts so they are properly invalidated. (LP: #1223297)
-- Marc Deslauriers <email address hidden> Tue, 11 Mar 2014 07:56:53 -0400
This bug was fixed in the package sudo - 1.8.3p1-1ubuntu3.6
--------------- 1ubuntu3. 6) precise-security; urgency=medium
sudo (1.8.3p1-
* SECURITY UPDATE: security policy bypass when env_reset is disabled patches/ CVE-2014- 0106.patch: fix logic inversion in sudoers/ env.c. sudo.sudo. init, debian/ sudo-ldap. sudo.init: Set timestamps to
- debian/
plugins/
- CVE-2014-0106
* debian/
epoch in init scripts so they are properly invalidated. (LP: #1223297)
-- Marc Deslauriers <email address hidden> Tue, 11 Mar 2014 07:56:53 -0400