Updated sudo packages fix security vulnerability
Publication date: 13 Jul 2017Modification date: 13 Jul 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-1000367
Description
A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. (CVE-2017-1000367)
References
SRPMS
5/core
- sudo-1.8.20p2-1.mga5