Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.1 ChangeLog (2021-01-26) ====== ====== Tue Jan 26 21:20:58 UTC 2021 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.1>patches/packages/sudo-1.9.5p2-x86_64-1_slack14.1.txz]] \\ When invoked as sudoedit, the same set of command line options \\ are now accepted as for "sudo -e". The -H and -P options are \\ now rejected for sudoedit and "sudo -e" which matches the sudo \\ 1.7 behavior. This is part of the fix for CVE-2021-3156. \\ Fixed a potential buffer overflow when unescaping backslashes \\ in the command's arguments. Normally, sudo escapes special \\ characters when running a command via a shell (sudo -s or sudo \\ -i). However, it was also possible to run sudoedit with the -s \\ or -i flags in which case no escaping had actually been done, \\ making a buffer overflow possible. This fixes CVE-2021-3156. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156 \\ (* Security fix *) {{tag>slackware changelog slackware64-14.1 2021-01}} news/2021/01/26/slackware64-14.1-changelog.txt Last modified: 3 years agoby Giuseppe Di Terlizzi Log In