[oi-dev] CVE-2021-3156 seems relevant for OI
Aurélien Larcher
aurelien.larcher at gmail.com
Tue Feb 2 12:55:54 UTC 2021
On Thu, Jan 28, 2021 at 12:19 PM Till Wegmueller <toasterson at gmail.com>
wrote:
> Yeah
>
> People still don't inform us or the BSD's / Apple properly for these
> sorts of things, but we can scramble to address small patches like this
> very fast it turns out. Thankfully now a couple of people in the BSD's
> now ping us in tweets when this happens so we get the news very fast,
> although still post embargo and not pre.
>
And following Alan's notification you may want to update the sudo package
on your systems again:
https://github.com/OpenIndiana/oi-userland/pull/6468
The new package has been published already.
>
>
> -Till
>
> On 28.01.21 04:36, Tony Brian Albers wrote:
> > On 01/28/21 07:14 AM, Tim Mooney via oi-dev wrote:
> >> In regard to: [oi-dev] CVE-2021-3156 seems relevant for OI, Tony
> Brian...:
> >>
> >>> We might want to get sudo patched really, really quickly.
> >>
> >> Rich Lowe had a PR for it last night, just a few hours after the
> >> embargo lifted:
> >>
> >> https://github.com/OpenIndiana/oi-userland/pull/6456
> >>
> >> Tim
> >
> > Cool, that's what I call fast :)
> >
> > /tony
> >
> >
> >
>
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> https://openindiana.org/mailman/listinfo/oi-dev
>
--
---
Praise the Caffeine embeddings
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openindiana.org/pipermail/oi-dev/attachments/20210202/015d44f9/attachment.html>
More information about the oi-dev
mailing list