Your message dated Tue, 28 Jun 2005 16:02:51 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#315115: fixed in sudo 1.6.8p9-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 25 Jun 2005 09:52:28 +0000
>From [EMAIL PROTECTED] Sat Jun 25 02:52:28 2005
Return-path: <[EMAIL PROTECTED]>
Received: from master.debian.org [146.82.138.7]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Dm7Ku-0007sP-00; Sat, 25 Jun 2005 02:52:28 -0700
Received: from zdv-wireless-47-116.zdv.uni-mainz.de (localhost.localdomain)
[134.93.47.116]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Dm7Kt-0006lY-00; Sat, 25 Jun 2005 04:52:27 -0500
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: "Dr. Markus Waldeck" <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: sudo: Sudo version 1.6.8p9 now available, fixes security issue.
X-Mailer: reportbug 3.15
Date: Sat, 25 Jun 2005 11:52:23 +0200
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-9.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
OUR_MTA_MSGID,X_DEBBUGS_CC autolearn=ham
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: sudo
Version: 1.6.8p7-1.1
Severity: critical
Justification: root security hole
http://marc.theaimsgroup.com/?l=bugtraq&m=111928183431376
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-git2
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)
Versions of packages sudo depends on:
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam0g 0.76-22 Pluggable Authentication Modules l
sudo recommends no packages.
-- no debconf information
---------------------------------------
Received: (at 315115-close) by bugs.debian.org; 28 Jun 2005 20:09:25 +0000
>From [EMAIL PROTECTED] Tue Jun 28 13:09:25 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DnMOb-00081f-00; Tue, 28 Jun 2005 13:09:25 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DnMIF-0008A8-00; Tue, 28 Jun 2005 16:02:51 -0400
From: Bdale Garbee <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#315115: fixed in sudo 1.6.8p9-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 28 Jun 2005 16:02:51 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: sudo
Source-Version: 1.6.8p9-1
We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive:
sudo_1.6.8p9-1.diff.gz
to pool/main/s/sudo/sudo_1.6.8p9-1.diff.gz
sudo_1.6.8p9-1.dsc
to pool/main/s/sudo/sudo_1.6.8p9-1.dsc
sudo_1.6.8p9-1_i386.deb
to pool/main/s/sudo/sudo_1.6.8p9-1_i386.deb
sudo_1.6.8p9.orig.tar.gz
to pool/main/s/sudo/sudo_1.6.8p9.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bdale Garbee <[EMAIL PROTECTED]> (supplier of updated sudo package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 28 Jun 2005 15:33:11 -0400
Source: sudo
Binary: sudo
Architecture: source i386
Version: 1.6.8p9-1
Distribution: unstable
Urgency: high
Maintainer: Bdale Garbee <[EMAIL PROTECTED]>
Changed-By: Bdale Garbee <[EMAIL PROTECTED]>
Description:
sudo - Provide limited super user privileges to specific users
Closes: 315115 315718
Changes:
sudo (1.6.8p9-1) unstable; urgency=high
.
* new upstream version, fixes a race condition in sudo's pathname
validation, which is a security issue (CAN-2005-1993),
closes: #315115, #315718
Files:
e2e0775f3e6df6ad492c8865324626ba 567 admin optional sudo_1.6.8p9-1.dsc
6d0346abd16914956bc7ea4f17fc85fb 585509 admin optional sudo_1.6.8p9.orig.tar.gz
d2465319cef04fcc3dd46ab4fbb83244 20150 admin optional sudo_1.6.8p9-1.diff.gz
7ad87187742f906dfffde408598cc0a1 159608 admin optional sudo_1.6.8p9-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCwaglZKfAp/LPAagRAv8KAJ4hDeOlBRe4LDe7Tr3PSPnuP8eKLQCfSUMY
ehNiYDJWKirfmDgnx4DltKk=
=EpVl
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
