Search found 6 matches

by Blair
2021/02/03 17:02:52
Forum: CentOS 6 - Security Support
Topic: New critical sudo vulnerability - CVE-2021-3156
Replies: 13
Views: 9214

Re: New critical sudo vulnerability - CVE-2021-3156

Thanks sml and fuzzy.
Best regards.
by Blair
2021/01/28 07:59:46
Forum: CentOS 6 - Security Support
Topic: New critical sudo vulnerability - CVE-2021-3156
Replies: 13
Views: 9214

Re: New critical sudo vulnerability - CVE-2021-3156

Hello again.
I just checked sudo official website. https://www.sudo.ws/sudo/
They have released source code for 1.9.5p2 and a updated rpm package for stable branch, even for Centos 6 :)
I don't know if they are going to made a legacy release.
Greetings
by Blair
2021/01/28 07:22:37
Forum: CentOS 6 - Security Support
Topic: New critical sudo vulnerability - CVE-2021-3156
Replies: 13
Views: 9214

Re: New critical sudo vulnerability - CVE-2021-3156

Hello TrevorH,
You has given us better and quicker support/help than Red Hat Support sincerely. My team send you their gratitude.
We are going to highly recommend to our customers to migrate their 6.10 servers to 7.9 ASAP.
Best regards
by Blair
2021/01/27 12:29:45
Forum: CentOS 6 - Security Support
Topic: New critical sudo vulnerability - CVE-2021-3156
Replies: 13
Views: 9214

Re: New critical sudo vulnerability - CVE-2021-3156

Thanks again, TrevorH

Greetings
by Blair
2021/01/27 12:26:14
Forum: CentOS 6 - Security Support
Topic: New critical sudo vulnerability - CVE-2021-3156
Replies: 13
Views: 9214

Re: New critical sudo vulnerability - CVE-2021-3156

Hello TrevorH, Thank you for your extreme quick answer :D Red Hat has published today: https://access.redhat.com/errata/RHSA-2021:0227 for Red Hat Enterprise Linux Server - Extended Life Cycle Support 6. Can it give us some hope about a possible fix? About 7.x, yes, I just updated a Centos 7.9 and I...
by Blair
2021/01/27 12:08:40
Forum: CentOS 6 - Security Support
Topic: New critical sudo vulnerability - CVE-2021-3156
Replies: 13
Views: 9214

New critical sudo vulnerability - CVE-2021-3156

Hello everyone Yesterday it was published a heap overflow vulnerability in sudo. It was introduced in July 2011 (commit 8255ed69) and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration. Successful exploitation of this vulne...

Go to advanced search