MNBSD-2009-3: sudo update correcting several outstanding security advisories

Severity: Unknown

Affected Package: sudo

Summary: sudo update correcting several outstanding security advisories

Description

An update for sudo corrected several outstanding security advisories, most notably a flaw in the parsing of the Runas group in the sudoers file that could allow local privilege escalation (sudo before 1.6.9p18). The fix was included in 0.2.1-RELEASE-p7 and 0.3-CURRENT. The 0.1.x branch no longer received security patches.

Affected Versions

sudo

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2009-0034

Published: March 26, 2009
Last Modified: March 26, 2009