On Fri, Jan 20, 2006 at 11:24:04AM +0100, Martin Schulze wrote: > - -------------------------------------------------------------------------- > Debian Security Advisory DSA 946-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Martin Schulze > January 20th, 2006 http://www.debian.org/security/faq > - -------------------------------------------------------------------------- > > Package : sudo > Vulnerability : missing input sanitising > Problem type : local > Debian-specific: no > CVE IDs : CVE-2005-4158 CVE-2006-0151 > Debian Bug : 342948 > > For unstable > "Defaults = env_reset" need to be addeed to /etc/sudoers manually.
Why is this only necessary on unstable systems? The security update doesn't seem to add this on stable systems automatically, so it might be necessary to manually add this on stable and testing as well. Please advise. Thanks. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
