[arch-dev-public] [signoff] sudo-1.7.4.p4
Upstream security fix release: This release fixes a security issue with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. For more details, see: http://www.sudo.ws/sudo/alerts/runas_group.html Some quick signoffs would be good... Signoff both, Allan
On 9 September 2010 07:30, Allan McRae <allan@archlinux.org> wrote:
Upstream security fix release:
This release fixes a security issue with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. For more details, see: http://www.sudo.ws/sudo/alerts/runas_group.html
Some quick signoffs would be good...
Signoff both, Allan
signoff i686 -- Guillaume -- Guillaume
On Thu, Sep 9, 2010 at 1:30 AM, Allan McRae <allan@archlinux.org> wrote:
Upstream security fix release:
This release fixes a security issue with respect to the handling of sudo's -g command line option when -u is also specified. The flaw may allow an attacker to run commands as a user that is not authorized by the sudoers file. For more details, see: http://www.sudo.ws/sudo/alerts/runas_group.html
Some quick signoffs would be good...
Signoff both, Allan
signoff x86_64
participants (3)
-
Allan McRae
-
Eric Bélanger
-
Guillaume ALAUX