sudo 1.8.21p2-3ubuntu1.4 source package in Ubuntu

Changelog

sudo (1.8.21p2-3ubuntu1.4) bionic-security; urgency=medium

  * SECURITY UPDATE: dir existence issue via sudoedit race
    - debian/patches/CVE-2021-23239.patch: fix potential directory existing
      info leak in sudoedit in src/sudo_edit.c.
    - CVE-2021-23239
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2021-3156-pre1.patch: check lock record size in
      plugins/sudoers/timestamp.c.
    - debian/patches/CVE-2021-3156-pre2.patch: sanity check size when
      converting the first record to TS_LOCKEXCL in
      plugins/sudoers/timestamp.c.
    - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to
      MODE_NONINTERACTIVE for sudoedit in src/parse_args.c.
    - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in
      plugin in plugins/sudoers/policy.c.
    - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow
      when unescaping backslashes in plugins/sudoers/sudoers.c.
    - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when
      converting a v1 timestamp to TS_LOCKEXCL in
      plugins/sudoers/timestamp.c.
    - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is
      allocated as a single flat buffer in src/parse_args.c.
    - CVE-2021-3156
  * debian/control: added tzdata to Build-Depends so that the time zone
    data directory is present during builds.

 -- Marc Deslauriers <email address hidden>  Tue, 19 Jan 2021 09:36:00 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2021-01-20
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates on 2021-01-26 main admin
Bionic security on 2021-01-26 main admin

Downloads

File Size SHA-256 Checksum
sudo_1.8.21p2.orig.tar.gz 2.9 MiB 0d17b4b1c720de4150f5e1d35627cf8b3a6495041cb0d842f3172eeeb459359d
sudo_1.8.21p2-3ubuntu1.4.debian.tar.xz 38.9 KiB a88bc5ac9c88719a8cf7e7fec10c13e8b7a3054deb777cc3b8a959697a50ed10
sudo_1.8.21p2-3ubuntu1.4.dsc 2.1 KiB 2004d8e5f0a259fce243da0e5fa07f8e61532855f0c23a39e213334c4a12c823

View changes file

Binary packages built by this source

sudo: Provide limited super user privileges to specific users

 Sudo is a program designed to allow a sysadmin to give limited root
 privileges to users and log root activity. The basic philosophy is to give
 as few privileges as possible but still allow people to get their work done.
 .
 This version is built with minimal shared library dependencies, use the
 sudo-ldap package instead if you need LDAP support for sudoers.

sudo-dbgsym: debug symbols for sudo
sudo-ldap: Provide limited super user privileges to specific users

 Sudo is a program designed to allow a sysadmin to give limited root
 privileges to users and log root activity. The basic philosophy is to give
 as few privileges as possible but still allow people to get their work done.
 .
 This version is built with LDAP support, which allows an equivalent of the
 sudoers database to be distributed via LDAP. Authentication is still
 performed via pam.

sudo-ldap-dbgsym: debug symbols for sudo-ldap