Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/admin
History
Josef Schlehofer bee91a9d88 sudo: backport patches for CVE-2021-3156 
This security vulnerability is known as Baron Samedit [1] and there is a
research by Qualys [2] and they discovered it. Unfortunately or
fortunately, there isn't present sudoedit on OpenWrt.

Two patches were applied cleanly and the other two required manual
intervention. Those were backported from version 1.9.5p2

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
[2] https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2021-01-28 10:09:00 -10:00
..
atop atop: fix build error 2019-05-01 13:22:28 +02:00
debootstrap debootstrap: update to version 1.0.110~bpo9+1 2019-01-29 09:44:40 +01:00
gkrellmd gkrellmd: update to 2.3.11 2020-07-20 16:03:33 +02:00
htop htop: update to 3.0.4-1 2020-12-22 15:28:33 +02:00
ipmitool ipmitool: fix CVE-2020-5208 2020-09-29 16:14:14 +02:00
monit treewide: Use default PKG_BUILD_DIR when possible 2020-04-12 19:24:15 -07:00
muninlite treewide: Change .*GPL.*+ licenses to SPDX compatible identifier 2019-09-26 19:36:25 -07:00
netatop netatop: add new package 2018-05-13 03:39:34 +02:00
netdata netdata: update to version 1.28.0 2020-12-26 02:15:54 +01:00
openwisp-config openwisp-config: update to version 0.5.0 2021-01-18 09:55:30 -05:00
sudo sudo: backport patches for CVE-2021-3156 2021-01-28 10:09:00 -10:00
syslog-ng syslog-ng: update to version 3.30.1 2021-01-10 11:10:31 +01:00
zabbix zabbix: remove configure patch 2020-02-16 19:47:33 -08:00