StarlingX

  1. Bug #1852825
  2. Comment #12

Comment 12 for bug 1852825

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (r/stx.2.0)

Reviewed: https://review.opendev.org/699320
Committed: https://git.openstack.org/cgit/starlingx/tools/commit/?id=8f446f3fed55736b2958c69ce6c580d39a9d9647
Submitter: Zuul
Branch: r/stx.2.0

commit 8f446f3fed55736b2958c69ce6c580d39a9d9647
Author: Robin Lu <email address hidden>
Date: Fri Nov 22 16:08:13 2019 +0800

    Upgrade sudo to version 1.8.23-4.el7_7.1

    To fix below CVE, we will use sudo-1.8.23-4.el7_7.1.src.rpm
    https://lists.centos.org/pipermail/centos-announce/2019-October/023499.html

    CVE bug: CVE-2019-14287: sudo: can bypass certain policy blacklists

    Closes-Bug: 1852825

    Change-Id: Iaafc053fe6e3b58468b5fa7c47dbc0f61a2d3c44
    Signed-off-by: Robin Lu <email address hidden>
    (cherry picked from commit c75164899fb0d242022338d67144c06be7c5b32f)