Hello LaMont, or anyone else affected, Accepted sudo into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/sudo/1.8.16-0ubuntu1.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: sudo (Ubuntu Xenial) Status: In Progress => Fix Committed ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1565567 Title: segv in sudo_getgrgid Status in sudo: Unknown Status in sudo package in Ubuntu: Fix Committed Status in sudo source package in Xenial: Fix Committed Bug description: [Impact] In certain environments, for example when using LDAP, users can end up in a group with no name. When that happens, sudo crashes when attempting to look up the group name for the debug log. Upstream has commited a simple fix for this issue, it has been commited to Yakkety, and uploaded to Xenial. [Test Case] I currently don't know an easy way to reproduce this, it is environment-specific. A package containing the fix was successfully tested in the problematic environment. [Regression Potential] A regression in the patch would prevent users from using sudo. The risk of regression is low since the patch only changes the debug log. Original report: If the user is in a group with no name (because libnss-db got removed and the group was defined there, for example...) then: the call to sudo_debug_printf in sudo_getgrgid (plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get item->d.gr->gr_name (since item->d.gr is NULL). To manage notifications about this bug go to: https://bugs.launchpad.net/sudo/+bug/1565567/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
