[OE-core] [PATCH][krogoth] sudo: CVE-2015-8239
Sona Sarmadi
sona.sarmadi at enea.com
Tue Aug 9 11:56:24 UTC 2016
Hi Ross,
This seems to be fixed in master. I checked the code.
//Sona
From: Burton, Ross [mailto:ross.burton at intel.com]
Sent: den 9 augusti 2016 13:54
To: Sona Sarmadi <sona.sarmadi at enea.com>
Cc: OE-core <openembedded-core at lists.openembedded.org>
Subject: Re: [OE-core] [PATCH][krogoth] sudo: CVE-2015-8239
On 9 August 2016 at 12:04, Sona Sarmadi <sona.sarmadi at enea.com<mailto:sona.sarmadi at enea.com>> wrote:
Fixes race condition when checking digests in sudoers.
Reference:
http://seclists.org/oss-sec/2015/q4/327
Reference to upstream fixes:
https://www.sudo.ws/repos/sudo/raw-rev/397722cdd7ec
https://www.sudo.ws/repos/sudo/raw-rev/0cd3cc8fa195
Is this applicable to master too, and should be backport it jethro?
Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20160809/c2295192/attachment-0002.html>
More information about the Openembedded-core
mailing list