MDVSA-2009:033

Package name

sudo

Date

2009-02-04

Advisory ID

MDVSA-2009:033

Affected versions

2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , 2008.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problem description

A vulnerability has been identified in sudo which allowed - depending
on the sudoers rules - a sudo-user to execute arbitrary shell commands
as root (CVE-2009-0034).

The updated packages have been patched to prevent this.

Updated packages

2009.0 x86_64

 3a720d40956ffb88f09d205d1bf43a6a  2009.0/x86_64/sudo-1.6.9p17-1.1mdv2009.0.x86_64.rpm 
 374b44d579c20a4965ed83e6a1e2954b  2009.0/SRPMS/sudo-1.6.9p17-1.1mdv2009.0.src.rpm

2008.0 i586

 41418ab92af8d15bcd8c91d88ee98de6  2008.0/i586/sudo-1.6.9p5-1.1mdv2008.0.i586.rpm 
 5ddf7f6da238512c60b1a4e01300c2cc  2008.0/SRPMS/sudo-1.6.9p5-1.1mdv2008.0.src.rpm

2009.0 i586

 a10f0612563862401aef2d1eda3518f2  2009.0/i586/sudo-1.6.9p17-1.1mdv2009.0.i586.rpm 
 374b44d579c20a4965ed83e6a1e2954b  2009.0/SRPMS/sudo-1.6.9p17-1.1mdv2009.0.src.rpm

2008.0 x86_64

 066fc052116881512c507761701e5703  2008.0/x86_64/sudo-1.6.9p5-1.1mdv2008.0.x86_64.rpm 
 5ddf7f6da238512c60b1a4e01300c2cc  2008.0/SRPMS/sudo-1.6.9p5-1.1mdv2008.0.src.rpm

2008.1 x86_64

 32855dcd816e88e97293cec6eaabfd96  2008.1/x86_64/sudo-1.6.9p13-1.1mdv2008.1.x86_64.rpm 
 74c9baf4110de86f5d10ff07d9e320dc  2008.1/SRPMS/sudo-1.6.9p13-1.1mdv2008.1.src.rpm

2008.1 i586

 04b1f43831ddc179780d46b92b5ceda8  2008.1/i586/sudo-1.6.9p13-1.1mdv2008.1.i586.rpm 
 74c9baf4110de86f5d10ff07d9e320dc  2008.1/SRPMS/sudo-1.6.9p13-1.1mdv2008.1.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034