[Buildroot] [PATCH] sudo: security bump to version 1.8.12
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Tue Feb 17 13:01:35 UTC 2015
Dear Gustavo Zacarias,
On Tue, 17 Feb 2015 09:50:51 -0300, Gustavo Zacarias wrote:
> Fixes CVE-2014-9680 - A user with sudo access may be able to exploit
> parsing bugs in the time zone parsing functions of the system's C
> library functions. The user may also be able to read arbitrary files,
> potentially causing changes in system behavior when reading certain
> device special files or simply causing the program run via sudo to
> block.
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
More information about the buildroot
mailing list