[Bug 267617] security/sudo: Update to 1.9.12p1

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 267617] [PATCH] security/sudo: Update to 1.9.12p1"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 08 Nov 2022 00:19:30 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267617

--- Comment #5 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=3cd785707f9dc7b53396ecfd729d1fba07c3ca04

commit 3cd785707f9dc7b53396ecfd729d1fba07c3ca04
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2022-11-08 00:16:07 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2022-11-08 00:18:23 +0000

    security/vuxml: Document sudo CVE-2022-43995

    Document a potential out-of-bounds write for passwords smaller than
    eight bytes when crypt() is used.

    PR:             267617
    Security:       CVE-2022-43995

 security/vuxml/vuln-2022.xml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

-- 
You are receiving this mail because:
You are on the CC list for the bug.