Two vulnerabilities have been discovered in sudo, allowing local attackers to possibly gain escalated privileges.
Package | app-admin/sudo on all architectures |
---|---|
Affected versions | < 1.8.3_p2 |
Unaffected versions | >= 1.8.3_p2 revision >= 1.7.4_p5 |
sudo allows a system administrator to give users the ability to run commands as other users.
Two vulnerabilities have been discovered in sudo:
A local attacker could possibly gain the ability to run arbitrary commands with the privileges of other users or groups, including root.
There is no known workaround at this time.
All sudo users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.3_p2"