[v2.3] Sudo format string vulnerability - CVE-2012-0809
Summary:
A flaw exists in the debugging code in sudo versions 1.8.0 through 1.8.3p1 that can be used to crash sudo or potentially allow an unauthorized user to elevate privileges.
Sudo versions affected:
1.8.0 through 1.8.3p1 inclusive. Older versions of sudo are not affected.
http://www.sudo.ws/sudo/alerts/sudo\_debug.html
(from redmine: issue id 968, created on 2012-01-31, closed on 2012-02-01)
- Changesets:
- Revision e941718a by Natanael Copa on 2012-01-31T07:27:43Z:
main/sudo: security upgrade to 1.8.3_p2 (CVE 2012-0809)
fixes #968