Skip to main content
Solved

sudo bug | CVE-2021-3156 (Baron Samedit)

  • February 1, 2021
  • 2 replies
  • 0 views
S
​​Hi all,
does someone know regarding this bug, when a fixed version is available? Additionaly it would be great, to get the source code / makefile for the current ported version in order to fix it by ourself.

Best regards,
Sebastian

Best answer by Anonymous

​​Hi all,
does someone know regarding this bug, when a fixed version is available? Additionaly it would be great, to get the source code / makefile for the current ported version in order to fix it by ourself.

Best regards,
Sebastian
Fix is now available to customers on support contract.  Per our policy, fixes are moved to the public conda channel after a six month delay.  Source code for sudo will be updated later today with latest updates including the fix.  Rocket does not provide build scripts for our z/OS ports.

    2 replies

    Vladimir Ein
    Forum|alt.badge.img+1
    • Vladimir EinRocketeer
    • Rocketeer
    • 110 replies
    • February 11, 2021
    ​​Hi all,
    does someone know regarding this bug, when a fixed version is available? Additionaly it would be great, to get the source code / makefile for the current ported version in order to fix it by ourself.

    Best regards,
    Sebastian
    Hello Sebastian,

    So far we've been unable to recreate the issue on z/OS. Nevertheless we are working on applying the patch, and the updated build will be available on Rocket Secure server (see this presentation for details). We don't have a ETA for this fix yet.

    Regards,
    Vladimir
    A
    • Anonymous
    • 0 replies
    • Answer
    • February 19, 2021
    ​​Hi all,
    does someone know regarding this bug, when a fixed version is available? Additionaly it would be great, to get the source code / makefile for the current ported version in order to fix it by ourself.

    Best regards,
    Sebastian
    Fix is now available to customers on support contract.  Per our policy, fixes are moved to the public conda channel after a six month delay.  Source code for sudo will be updated later today with latest updates including the fix.  Rocket does not provide build scripts for our z/OS ports.


    Terms & ConditionsAccessibility statement