Fwd: RHN Errata Alert: Updated sudo packages are available
Robert Brandtjen
yellowdog-general@lists.terrasoftsolutions.com
Fri Apr 26 00:07:01 2002
---------- Forwarded Message ----------
Subject: RHN Errata Alert: Updated sudo packages are available
Date: Thu, 25 Apr 2002 22:51:44 -0500
From: Red Hat Network Alert <rhn-admin@mail.rhns.redhat.com>
To: rob323 <rob@prometheusmedia.com>
Red Hat Network has determined that the following advisory is applicable =
to
one or more of the systems you have registered:
Complete information about this errata can be found at the following
location: https://rhn.redhat.com/network/errata/errata_details.pxt?eid=3D=
1063
Security Advisory - RHSA-2002:071-07
-------------------------------------------------------------------------=
----
- Summary:
Updated sudo packages are available
Updated sudo packages are available which fix a local root exploit.
Description:
The sudo (superuser do) utility allows system administrators to give cert=
ain
users the ability to run commands as root with logging.
Global InterSec LLC found an issue with Sudo 1.6.5p2 and earlier which ca=
n
be exploited to allow a local attacker to gain root privileges.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0184 to this issue.
Users of Sudo are advised to upgrade to these errata packages which are
not vulnerable to this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2002-0184
http://www.globalintersec.com/adv/sudo-2002041701.txt
-------------------------------------------------------------------------=
----
-
-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:
- select your server name by clicking on its name from the list
available at the following location, and then schedule an
errata update for it:
https://rhn.redhat.com/network/systemlist/system_list.pxt
- run the Update Agent on each affected server.
---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to=
RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.
URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt
You can also enable/disable notification on a per system basis by selecti=
ng
an individual system from the "Systems List". From the individual system
view click the "Details" tab.
---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know t=
hat
this errata does not apply to a system listed, it might be possible that =
the
package profile for that server is out of date. In that case you should r=
un
'up2date -p' as root on the system in question to refresh your software
profile.
There is 1 affected system registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).
Release Arch Profile Name
-------- -------- ------------
7.1 i686 server.darkwhores.com
The Red Hat Network Team
This message is being sent by Red Hat Network Alert to:
RHN user login: rob323
Email address on file: <rob@prometheusmedia.com>
To cancel these notices, go to:
https://rhn.redhat.com/oo.pxt?uid=3D769479&oid=3D1329783
-------------------------------------------------------
--=20
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster@prometheusmedia.com
www.prometheusmedia.com