Sudo format string vulnerability : http://www.sudo.ws/sudo/alerts/sudo_debug.html An updated package has been submitted to updates_testing for mageia 1 to fix this issue. How to test this vulnerability : $ ln -s /usr/bin/sudo ./%s $ ./%s -D9 Segmentation fault
Priority: Normal => High
Testing x86_64 Confirmed segfault Mirror hasn't updated yet to test the new version.
Advisory text for the update : A flaw discovered by joernchen of Phenoelit exists in the debugging code in sudo versions 1.8.0 through 1.8.3p1 that can be used to crash sudo or potentially allow an unauthorized user to elevate privileges. This update fix this issue.
Using a different mirror. Tested OK x86_64 - gives usage information.
Tested OK i586 Update validated SRPM: sudo-1.8.0-5.mga1.src.rpm Comment 2 for advisory Could sysadmin please push to updates Thankyou!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Updated packages have been pushed to updates repository.
Status: NEW => RESOLVEDResolution: (none) => FIXED