1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • Sudo vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, February 03, 2020 12:10:04
    sudo vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Sudo could allow unintended access to the administrator account.

    Software Description

    * sudo - Provide limited super user privileges to specific users

    Details

    Joe Vennix discovered that Sudo incorrectly handled memory
    operations when the pwfeedback option is enabled. A local attacker
    could possibly use this issue to obtain unintended access to the
    administrator account.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    sudo - 1.8.27-1ubuntu4.1
    sudo-ldap - 1.8.27-1ubuntu4.1

    Ubuntu 18.04 LTS
    sudo - 1.8.21p2-3ubuntu1.2
    sudo-ldap - 1.8.21p2-3ubuntu1.2

    Ubuntu 16.04 LTS
    sudo - 1.8.16-0ubuntu1.9
    sudo-ldap - 1.8.16-0ubuntu1.9

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2019-18634

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, February 05, 2020 12:10:10
    sudo vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    Sudo could allow unintended access to the administrator account.

    Software Description

    * sudo - Provide limited super user privileges to specific users

    Details

    USN-4263-1 fixed a vulnerability in Sudo. This update provides the
    corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    Joe Vennix discovered that Sudo incorrectly handled memory
    operations when the pwfeedback option is enabled. A local attacker
    could possibly use this issue to obtain unintended access to the
    administrator account.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    sudo - 1.8.9p5-1ubuntu1.5+esm3
    sudo-ldap - 1.8.9p5-1ubuntu1.5+esm3

    Ubuntu 12.04 ESM
    sudo - 1.8.3p1-1ubuntu3.9
    sudo-ldap - 1.8.3p1-1ubuntu3.9

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * USN-4263-1
    * CVE-2019-18634

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)