5 matches found
Duncaen OpenDoas Security Breach
Duncaen OpenDoas is a program from the individual developers at Duncaen that provides limited sudo functionality for Linux systems. A security vulnerability exists in Duncaen OpenDoas 6.6 through 6.8, which stems from an insecure, incomplete reset of paths when the user context is changed...
Code injection
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state...
Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120808)
An insecure temporary file use flaw was found in the sudo package's post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack, or modify the contents of the '/etc/nsswitch.conf' file during the upgrade or removal of the sudo...
sudo security update
CentOS Errata and Security Advisory CESA-2012:1149. An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring...
pam security, bug fix, and enhancement update
0.99.6.2-3.26 - removed realtime default limits 240123 from the package as it caused regression on machines with nonexistent realtime group 0.99.6.2-3.25 - added and improved translations 219124 - adjusted the default limits for realtime users 240123 0.99.6.2-3.23 - pamunix: truncated MD5 passwor...