Hi all, I was wondering whether sudo 1.6.8p8 as found in -current has the pathname validation vulnerability reported recently (e.g. at http://www.auscert.org.au/render.html?it=5193).
Its version number would suggest it does, however OBSD might contain patches that are not included upstream, or other mitigating factors. Is it recommendable to fetch and install 1.6.8p9 straight away? Cheers Steffen.
