[sudo-commits] sudo changeset 12831:049ad90590be

Todd C. Miller Todd.Miller at sudo.ws
Tue Jan 26 11:03:26 MST 2021

changeset:	12831:049ad90590be in /raid/repos/sudo
details:	https://www.sudo.ws/repos/sudo/rev/049ad90590be
user:		Todd C. Miller <Todd.Miller at sudo.ws>
date:		Sat Jan 23 08:43:59 2021 -0700

Log Message:
	Fix potential buffer overflow when unescaping backslashes in user_args.
	Also, do not try to unescaping backslashes unless in run mode *and*
	we are running the command via a shell.
	Found by Qualys, this fixes CVE-2021-3156.


 plugins/sudoers/sudoers.c |  23 ++++++++++++++++++-----
 1 files changed, 18 insertions(+), 5 deletions(-)

More information about the sudo-commits mailing list