[sudo-commits] sudo changeset 10986:15a46f4007dd
Todd C. Miller
Todd.Miller at courtesan.com
Wed May 31 14:39:49 MDT 2017
changeset: 10986:15a46f4007dd in /raid/repos/sudo
details: https://www.sudo.ws/repos/sudo/rev/15a46f4007dd
user: Todd C. Miller <Todd.Miller at courtesan.com>
date: Wed May 31 09:14:31 2017 -0600
Log Message:
A command name may also contain newline characters so read
/proc/self/stat until EOF. It is not legal for /proc/self/stat to
contain embedded NUL bytes so treat the file as corrupt if we see
any. With help from Qualys.
This is not exploitable due to the /dev traversal changes in sudo
1.8.20p1 (thanks Solar!).
diffstat:
src/ttyname.c | 39 ++++++++++++++++++++++++++-------------
1 files changed, 26 insertions(+), 13 deletions(-)
More information about the sudo-commits
mailing list