28 Jan
2021
28 Jan
'21
7:43 p.m.
Il 2021-01-28 19:17 James Pearson ha scritto:
I don't know of another way of testing if this build fixes the issue ?
According to Qualys blog, sudoedit -s '' `perl -e 'print "A" x 65536'` should core-dump on vulnerable versions.
I just tried on stock 6.10 and it core-dumps, indeed. Upgrading to the OL6 sudo package fixes the issue, indeed (no more core dump).
So it seems to work fine to me. Thanks.
--
Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti@assyoma.it - info@assyoma.it
GPG public key ID: FF5F32A8