Accepted sudo 1.8.27-1+deb10u6 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted sudo 1.8.27-1+deb10u6 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 02 Feb 2024 19:40:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: sudo_1.8.27-1+deb10u6_source.changes
- Debian-source: sudo
- Debian-suite: oldoldstable
- Debian-version: 1.8.27-1+deb10u6
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=Ndtkwc9DhKwLc8pFBIQ2+KdpqfGM3PwPFKYDBqGY8C4=; b=iervl4UvLI/pyQRVs0n0PuY/Ma ubG2NxwwdOq/x30LoYn0PXAI5POyko+Z77d7Q10+wts8YMvPiKyoWmtYc9aCD57o7naCysAJPs9zh m+1iMJoIt8NxEJm/7PsGxVc8O083gCEe2TpvOtPy0acRwEMD2WpyyMI+KjDsgP6u8lW6lE1PlAFAD LZMdlooi4dyGGZwqXnLyCUVHhCwTnC4tzzkIKKsoXbwUwtLqrDoWi18xX//uR5rQWbzYUi++0KWP6 54XvwNn6TVdbfMC1tBXyOLXkR2b1E3s7o0N+Ql2owVvaiRiKRELlAku7HfH3jaUQYO8Y6wp1YDu85 MX4/FvbA==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1rVzOe-007Bfz-Lw@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 21 Jan 2024 20:52:36 +0000
Source: sudo
Architecture: source
Version: 1.8.27-1+deb10u6
Distribution: buster-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
sudo (1.8.27-1+deb10u6) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* Fix CVE-2023-7090: A flaw was found in sudo in the handling of
ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf
was not propagated in sudo. Therefore, it leads to
privilege mismanagement vulnerability in applications,
where client hosts retain privileges even after retracting them.
* Fix CVE-2023-28486: Sudo did not escape control characters
in log messages.
* Fix CVE-2023-28487: Sudo did not escape control characters
in sudoreplay output.
* Regenerate parsers from yacc file.
Checksums-Sha1:
f81098a53d4605f9728cea84dea603ad85bff44b 2076 sudo_1.8.27-1+deb10u6.dsc
d2c734d175011f7543af56e0e3a0fe51760c2c2d 57864 sudo_1.8.27-1+deb10u6.debian.tar.xz
0c10c2b4c3744bbc4e2e277e93ca811184c2634e 7292 sudo_1.8.27-1+deb10u6_amd64.buildinfo
Checksums-Sha256:
94bea5798bd24d5c6fefce3b31f71a2aa74a7e4fbfb3cb9814ae5ac0574e6b90 2076 sudo_1.8.27-1+deb10u6.dsc
7761a4d673b9aad65f65db653821fa28fec5f33b1c99ee990d716da8ee1e9564 57864 sudo_1.8.27-1+deb10u6.debian.tar.xz
d026ce4513e56aef061ae913a25bfbead39aa5587c2cb5d041827ab0a14821eb 7292 sudo_1.8.27-1+deb10u6_amd64.buildinfo
Files:
6e3efffe305f95e2fddaf7fe90fbebeb 2076 admin optional sudo_1.8.27-1+deb10u6.dsc
4d6642f65350b37f13524f785263f907 57864 admin optional sudo_1.8.27-1+deb10u6.debian.tar.xz
221a7a95c092b8ea1a62845f77594def 7292 admin optional sudo_1.8.27-1+deb10u6_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmW9QhwRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF+1IBAAqQdeOJYN5YTDspDHPZ0vIIPI37Bmpup9
8bbOWHNmEwXLhtAyH/O+SI+7DZTJKmwPO4JR64f7XWVCkl7stbdpUSfnlu7Vz7R5
XVKoae7hHNVIAwgTAmSdlvcjvE/5yzZmvuEpS1eHayhYKwjMnKqeWEEPjg/QULSh
J3Jrj3ym0esGMMbanmeYJObosmMKCng7BXLA2XpR3WAHzls7+gOyqURUSaMOYOr4
qNSllGqzyjx+iwqfYrWGAcsFnxXZTEjpbyObVSwhYUJg2HmVkD/365cAhnFoYpAn
ysRQCmg4Lkr36kxHmqR2WhCzOuHvUa/t6+iuWqFe8KsvBhoCCRN8A1WuxusAQMVl
K3qlvZO82ngoVI5S4US9+mskIklMVW8eF/JTqERt1txGJRFr57/jf8Aweb8H+z2x
2z0Jgn3Z8g3FonClC9Ex99t2zBydGTrL6Ln8gsKORThX8H8pmak1E3+QwkZVT5Xr
GKNYrCgHA2OQa9xIojdCIqJaOlDvrunqlP4T+qstfQWtfefQILOCdD5N4PoE274d
bl1XPL7fuso/O+Q7LFRVpgU+m7ciyo+R8UP9HTIytmMwUk7RYnCowAotRlSTKlbt
hQRDqc4n3zZvVt/meAEFdelSJ94jNajVFRJjrpyy7fXhRfau2Hcwcem+JXWjYpx9
5EqkcKVsTQY=
=dTCT
-----END PGP SIGNATURE-----