08/11/25 13:54:24 7T76sZFM
>>107
> Thu Apr 25 12:00:50 PDT 2002
> patches/packages/sudo.tgz: Upgraded to sudo-1.6.6.
> This version of sudo fixes a security problem whereby a local user may gain
> root access through corruption of the heap (Off-By-Five).
> This issue was discovered by Global InterSec LLC, and more information may
> be found on their web site:
> URLリンク(www.globalintersec.com)
> The discussion on the site indicates that this problem may only be exploitable
> on systems that use PAM, which Slackware does not use. However, in the
> absence of proof, it still seems prudent to upgrade sudo immediately.
> (* Security fix *)