[CentOS] CentOS 6 fix sudo CVE-2021-3156

Thu Jan 28 18:43:15 UTC 2021
Gionatan Danti <g.danti at assyoma.it>

Il 2021-01-28 19:17 James Pearson ha scritto:
> I don't know of another way of testing if this build fixes the issue ?

According to Qualys blog, sudoedit -s '\' `perl -e 'print "A" x 65536'` 
should core-dump on vulnerable versions.

I just tried on stock 6.10 and it core-dumps, indeed. Upgrading to the 
OL6 sudo package fixes the issue, indeed (no more core dump).

So it seems to work fine to me.

Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti at assyoma.it - info at assyoma.it
GPG public key ID: FF5F32A8