Format: 1.8
Date: Tue, 19 Jan 2021 09:48:09 -0500
Source: sudo
Binary: sudo sudo-ldap
Architecture: amd64 amd64_translations
Version: 1.8.16-0ubuntu1.10
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Marc Deslauriers
Description:
 sudo - Provide limited super user privileges to specific users
 sudo-ldap - Provide limited super user privileges to specific users
Changes:
 sudo (1.8.16-0ubuntu1.10) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: dir existence issue via sudoedit race
     - debian/patches/CVE-2021-23239.patch: fix potential directory existing
       info leak in sudoedit in src/sudo_edit.c.
     - CVE-2021-23239
   * SECURITY UPDATE: heap-based buffer overflow
     - debian/patches/CVE-2021-3156-pre1.patch: check lock record size in
       plugins/sudoers/timestamp.c.
     - debian/patches/CVE-2021-3156-pre2.patch: sanity check size when
       converting the first record to TS_LOCKEXCL in
       plugins/sudoers/timestamp.c.
     - debian/patches/CVE-2021-3156-1.patch: reset valid_flags to
       MODE_NONINTERACTIVE for sudoedit in src/parse_args.c.
     - debian/patches/CVE-2021-3156-2.patch: add sudoedit flag checks in
       plugin in plugins/sudoers/policy.c.
     - debian/patches/CVE-2021-3156-3.patch: fix potential buffer overflow
       when unescaping backslashes in plugins/sudoers/sudoers.c.
     - debian/patches/CVE-2021-3156-4.patch: fix the memset offset when
       converting a v1 timestamp to TS_LOCKEXCL in
       plugins/sudoers/timestamp.c.
     - debian/patches/CVE-2021-3156-5.patch: don't assume that argv is
       allocated as a single flat buffer in src/parse_args.c.
     - CVE-2021-3156
Original-Maintainer: Bdale Garbee