<div dir="auto">Thanx Patrick</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Jan 28, 2021, 9:09 PM Patrick Okui <<a href="mailto:pokui@psg.com">pokui@psg.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi all,<br>
<br>
You may have seen the news about a couple of bugs in sudo. <br>
<a href="https://www.theregister.com/2021/01/26/qualys_sudo_bug/" rel="noreferrer noreferrer" target="_blank">https://www.theregister.com/2021/01/26/qualys_sudo_bug/</a> is a good <br>
summary.<br>
<br>
Long story short any user on your system (not necessarily an admin) can <br>
become root without a password (amongst other issues).<br>
<br>
Updates have made it out for most systems; you should update any <br>
multiuser systems as soon as possible.<br>
<br>
<br>
--<br>
patrick<br>
<br>
ps: if you’re looking for the full details you can read <br>
<a href="https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt" rel="noreferrer noreferrer" target="_blank">https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt</a><br>
<br>
_______________________________________________<br>
afnog mailing list<br>
<a href="https://www.afnog.org/mailman/listinfo/afnog" rel="noreferrer noreferrer" target="_blank">https://www.afnog.org/mailman/listinfo/afnog</a></blockquote></div>