[Git][security-tracker-team/security-tracker][master] Reserve DLA-3181-1 for sudo

Chris Lamb (@lamby) lamby at debian.org
Mon Nov 7 12:02:04 GMT 2022



Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e018d7ab by Chris Lamb at 2022-11-07T12:01:32+00:00
Reserve DLA-3181-1 for sudo

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -130956,7 +130956,6 @@ CVE-2021-23240 (selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows
 	NOTE: Neutralised by kernel hardening (fs.protected_symlinks = 1)
 CVE-2021-23239 (The sudoedit personality of Sudo before 1.9.5 may allow a local unpriv ...)
 	- sudo 1.9.5-1
-	[buster] - sudo <ignored> (Minor issue)
 	[stretch] - sudo <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/11/2
 	NOTE: https://www.sudo.ws/repos/sudo/rev/ea19d0073c02


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[07 Nov 2022] DLA-3181-1 sudo - security update
+	{CVE-2021-23239}
+	[buster] - sudo 1.8.27-1+deb10u4
 [07 Nov 2022] DLA-3180-1 python-scciclient - security update
 	{CVE-2022-2996}
 	[buster] - python-scciclient 0.7.2-2+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -264,9 +264,6 @@ sox
   NOTE: 20220818: Requires some investigation; see #1012138 etc.
   NOTE: 20221003: https://sourceforge.net/p/sox/bugs/362/ Re-pinged upstream committer (abhijith)
 --
-sudo (Chris Lamb)
-  NOTE: 20221105: Programming language: C.
---
 tiff
   NOTE: 20221031: Programming language: C.
   NOTE: 20221031: VCS: https://salsa.debian.org/lts-team/packages/tiff.git



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e018d7ab6a1b374d58dd7d8118dc130f23160e62

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e018d7ab6a1b374d58dd7d8118dc130f23160e62
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221107/7697bb02/attachment.htm>


More information about the debian-security-tracker-commits mailing list