1) Are any of the following security exposures fixed via 'patch' in the current distribution of sudo as distributed in the tool box labled 1.6.7p5
2) For any remaining security exposures, when can we expect to see a version distributed through the Toolbox which resolves these exposures?
Sudo Security Alerts
http://www.courtesan.com/sudo/security.html
July 17, 2007
A security issue has been discovered with the Kerberos 5 authentication that allows a malicious user to avoid authenticating with sudo.
November 8, 2005
A security issue has been discovered that allows a malicious user with permission to run a perl shell script to execute arbitrary perl code.
October 27, 2005
A security issue has been discovered that allows a malicious user with permission to run a bash shell script to execute arbitrary commands.
June 20, 2005
A race condition has been discovered that could allow a malicious user with sudo privileges to execute arbitrary commands.
November 11, 2004
A security issue has been discovered that allows a malicious user with permission to run a bash shell script to execute arbitrary commands.
September 15, 2004
A bug in sudoedit has been discovered that allows a malicious user to read files that would otherwise be unreadable.
Thanks