Harald Koenig reported an issue in sudo where "valid sudoers rules might give users root access without password authentication."
Diego, sudo 1.7.0 is unaffected by this. It's your call whether to patch 1.6.9 or stable the new upstream version.
I call for stable on 1.7.0 then.
[geez that sounded like a tabletop rpg :P]
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
This has been assigned CVE-2009-0034, details can be found here:
+ 29 Jan 2009; <firstname.lastname@example.org> sudo-1.7.0.ebuild:
+ Marked stable on AMD64 for security bug #256633, tested on a Core2 Duo
JeR conjures an HPPA Stable Spell.
Stable on alpha.
GLSA request filed.
GLSA 200902-01, don't know why it was still open...