K 10
svn:author
V 2
cy
K 8
svn:date
V 27
2021-01-26T20:28:56.098776Z
K 7
svn:log
V 791
Document sudo CVE-2021-3156.

 * When invoked as sudoedit, the same set of command line options
   are now accepted as for "sudo -e".  The -H and -P options are
   now rejected for sudoedit and "sudo -e" which matches the sudo
   1.7 behavior.  This is part of the fix for CVE-2021-3156.

 * Fixed a potential buffer overflow when unescaping backslashes
   in the command's arguments.  Normally, sudo escapes special
   characters when running a command via a shell (sudo -s or sudo
   -i).  However, it was also possible to run sudoedit with the -s
   or -i flags in which case no escaping had actually been done,
   making a buffer overflow possible.  This fixes CVE-2021-3156.

PR:		253034
Reported by:	"Todd C. Miller" <Todd.Miller@sudo.ws> via mailing list
		emaste
Obtained from:	sudo

END