[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for SUSE Linux Enterprise'
Notification of New SUSE Fixlet Messages
suse-announcements at bigmail.bigfix.com
Wed Mar 10 03:10:09 PST 2010
Fixlet Site - 'Patches for SUSE Linux Enterprise'
Current Version: 309 Published: Tue, 09 Mar 2010 19:39:53 GMT
New Fixlets:
============
***************************************************************
Title: PATCH-B10030801 - Security update for sudo - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 1003080101
Fixlet Link: http://download.novell.com/Download?buildid=JH5b5sr3Pb8~
Fixlet Description: This update fixes the following security issue: CVE-2010-0426:CVSS v2 Base Score: 6.6 A privilege escalation flaw was found in the way sudo used to check file paths for pseudocommands. If local, unprivileged user was authorized by sudoers file to edit one or more files, it could lead to execution of arbitrary code, with the privileges of privileged system user (root). Everyone should update. Please see patch page for more detailed information.
***************************************************************
Title: PATCH-B10030801 - Security update for sudo - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 1003080103
Fixlet Link: http://download.novell.com/Download?buildid=cDetQZw9fYg~
Fixlet Description: This update fixes the following security issue: CVE-2010-0426:CVSS v2 Base Score: 6.6 A privilege escalation flaw was found in the way sudo used to check file paths for pseudocommands. If local, unprivileged user was authorized by sudoers file to edit one or more files, it could lead to execution of arbitrary code, with the privileges of privileged system user (root). Everyone should update. Please see patch page for more detailed information.
More information about the SUSE-Announcements
mailing list