Date: Fri, 02 Jun 2017 12:55:10 -0600 From: "Todd C. Miller" <Todd.Miller@...rtesan.com> To: oss-security@...ts.openwall.com Subject: Re: Arbitrary terminal access via sudo on Linux On Fri, 02 Jun 2017 12:51:55 -0600, Kurt Seifried wrote: > which says it is NOT exploitable, but you're saying that it is actually > exploitable? If confirmed yes I'll get you a new CVE for this asap. Thanks. The file overwrite issue is not exploitable in 1.8.20p1. However, the arbitrary tty access IS exploitable in 1.8.20p1. - todd
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ