# Weak SUID check allowing privilege elevation
Hesiod unsafely checks EUID vs UID in a few places, consulting
environment variables for configuration if they match. This could be
used for privilege elevation under some circumstances. The fix uses
secure_getenv() in place of getenv().

# Use of hard-coded DNS domain if configuration file cannot be read
If opening the configuration file fails, hesiod falls back on a default
domain ".athena.mit.edu" to retrieve managed information. A local
attacker with the opportunity to poison the DNS cache could potentially
elevate their privileges to root by causing fopen() to fail.
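
The gap between an EUID/UID comparison and secure_getenv(), described in the first issue above, shown as an added example; it is not hesiod's code and not part of the original report. The variable name HESIOD_CONFIG, the default path and all helper names are assumptions for illustration.

```c
#define _GNU_SOURCE               /* secure_getenv() is a GNU extension */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Prototype glibc exposes under _GNU_SOURCE, repeated so this still
 * compiles if <stdlib.h> was included before the macro took effect. */
extern char *secure_getenv(const char *name);

#define ENV_VAR      "HESIOD_CONFIG"     /* assumed variable name */
#define DEFAULT_CONF "/etc/hesiod.conf"  /* assumed default path  */

/* Weak pattern: trust the environment whenever real and effective UID
 * match. Group IDs and file capabilities are never consulted. */
int weak_trusts_env(uid_t ruid, uid_t euid)
{
    return ruid == euid;
}

/* Stricter ID comparison, for contrast: it also notices a set-group-ID
 * binary, but it is still blind to file capabilities. */
int id_check_trusts_env(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid == euid && rgid == egid;
}

/* "Before": getenv() guarded only by the UID comparison. */
const char *config_path_weak(void)
{
    const char *p = weak_trusts_env(getuid(), geteuid()) ? getenv(ENV_VAR) : NULL;
    return p ? p : DEFAULT_CONF;
}

/* "After": secure_getenv() returns NULL whenever the process was started
 * in secure-execution mode (AT_SECURE: set-user-ID, set-group-ID or file
 * capabilities), so no hand-written ID check is needed. */
const char *config_path_hardened(void)
{
    const char *p = secure_getenv(ENV_VAR);
    return p ? p : DEFAULT_CONF;
}

int main(void)
{
    printf("weak: %s\nhardened: %s\n", config_path_weak(), config_path_hardened());
    return strcmp(config_path_weak(), config_path_hardened()) != 0;
}
```

In an ordinary, unprivileged process both functions honour the variable; they diverge only when the binary runs with elevated group IDs or capabilities, which is the case the UID comparison misses.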

CC'ing TreeCleaner project:
Package has no maintainer, latest upstream release from 2013. It has some dependencies on hesiod USE flag. Let's see what comes first, a patched ebuild or the cleaners.

This issue was resolved and addressed in
GLSA 201805-01 at https://security.gentoo.org/glsa/201805-01
by GLSA coordinator Aaron Bauman (b-man).