Slackwarearm-14.2 ChangeLog (2020-02-08)

Sat Feb 08 08:08:08 UTC 2020

  • patches/packages/nano-4.8-arm-1_slack14.2.txz
  • patches/packages/sudo-1.8.31-arm-1_slack14.1.txz
    This update fixes a security issue:
    In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can
    trigger a stack-based buffer overflow in the privileged sudo process.
    (pwfeedback is a default setting in some Linux distributions; however, it
    is not the default for upstream or in Slackware, and would exist only if
    enabled by an administrator.) The attacker needs to deliver a long string
    to the stdin of getln() in tgetpass.c.
    For more information, see:
    (* Security fix *)
  • news/2020/02/08/slackwarearm-14.2-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi