>>107 > Thu Apr 25 12:00:50 PDT 2002 > patches/packages/sudo.tgz: Upgraded to sudo-1.6.6. > This version of sudo fixes a security problem whereby a local user may gain > root access through corruption of the heap (Off-By-Five). > This issue was discovered by Global InterSec LLC, and more information may > be found on their web site: > www.globalintersec.com/adv/sudo-2002041701.txt > The discussion on the site indicates that this problem may only be exploitable > on systems that use PAM, which Slackware does not use. However, in the > absence of proof, it still seems prudent to upgrade sudo immediately. > (* Security fix *)
