Re: CentOS 6 fix sudo CVE-2021-3156

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Il 2021-01-28 19:17 James Pearson ha scritto:
I don't know of another way of testing if this build fixes the issue ?

According to Qualys blog, sudoedit -s '\' `perl -e 'print "A" x 65536'` should core-dump on vulnerable versions.

I just tried on stock 6.10 and it core-dumps, indeed. Upgrading to the OL6 sudo package fixes the issue, indeed (no more core dump).

So it seems to work fine to me.
Thanks.

--
Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti@xxxxxxxxxx - info@xxxxxxxxxx
GPG public key ID: FF5F32A8
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux