[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#609839: Bug#609641: Sudo gid security issue

On Tue, Jan 18, 2011 at 12:00:45PM -0700, Bdale Garbee wrote:
> On Tue, 18 Jan 2011 18:44:19 +0100, Thijs Kinkhorst <thijs@debian.org> wrote:
> > On Tuesday 18 January 2011 10:52:21 Bdale Garbee wrote:
> > > On Tue, 18 Jan 2011 09:20:21 +0100, "Thijs Kinkhorst" <thijs@debian.org> 
> > wrote:
> > > > I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid
> > > > but not in squeeze (lenny not affected). Would you be able to provide an
> > > > update via testing-proposed-updates for this? Let me know if you need
> > > > someone from the security team to do it.
> > > 
> > > There is already a pending unblock request to allow 1.7.4p4-6 to enter
> > > testing, #609839, which would I think be the best solution.
> > 
> > Thanks. Today however the release team responded that they think such unblock 
> > is not acceptable and a testing-proposed-update is necessary. Are you able to 
> > work on this?
> 
> Sigh.  That means more work, a code branch that will have less testing,
> and a lower quality sudo package in squeeze than doing the simple thing.
> 
> I don't have time to work on this today, but I'll try to get to it soon.

What's the status?

Cheers,
        Moritz
Reply to: