Sicherheit: Mangelnde Eingabeprüfung in sudo
Aktuelle Meldungen Distributionen
Name: Mangelnde Eingabeprüfung in sudo
ID: FEDORA-2016-48614c8b69
Distribution: Fedora
Plattformen: Fedora 23
Datum: Fr, 25. November 2016, 09:02
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7076
Applikationen: sudo


Name        : sudo
Product : Fedora 23
Version : 1.8.18p1
Release : 1.fc23
URL : http://www.courtesan.com/sudo/
Summary : Allows restricted root access for specified users
Description :
Sudo (superuser do) allows a system administrator to give certain
users (or groups of users) the ability to run some (or all) commands
as root while logging all commands and arguments. Sudo operates on a
per-command basis. It is not a replacement for the shell. Features
include: the ability to restrict what commands a user may run on a
per-host basis, copious logging of each command (providing a clear
audit trail of who did what), a configurable timeout of the sudo
command, and the ability to use the same configuration file (sudoers)
on many different machines.

Update Information:

- update to 1.8.18p1 - fixes CVE-2016-7076

[ 1 ] Bug #1384982 - CVE-2016-7076 sudo: noexec bypass via wordexp()

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade sudo' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten