{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "Rebase to 1.9.5p2", "notes": "Security fix for CVE-2021-3156", "type": "security", "status": "stable", "request": null, "severity": "high", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": true, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-01-26 20:38:36", "date_modified": null, "date_approved": null, "date_testing": "2021-01-27 01:51:12", "date_stable": "2021-01-27 04:11:32", "alias": "FEDORA-2021-8840cbdccd", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2021-01-27 04:11:32", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2021-8840cbdccd", "title": "sudo-1.9.5p2-1.fc32", "version_hash": "c4cf5552db2b4e409e4b30aceb51aaac32101c0e", "release": {"name": "F32", "long_name": "Fedora 32", "version": "32", "id_prefix": "FEDORA", "branch": "f32", "dist_tag": "f32", "stable_tag": "f32-updates", "testing_tag": "f32-updates-testing", "candidate_tag": "f32-updates-candidate", "pending_signing_tag": "f32-signing-pending", "pending_testing_tag": "f32-updates-testing-pending", "pending_stable_tag": "f32-updates-pending", "override_tag": "f32-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "rsroka", "email": "rsroka@redhat.com", "id": 3185, "avatar": "https://seccdn.libravatar.org/avatar/a81d7ed02c23090511ce284262278198e4ec13d0ec69754e076f48d0f29ac5de?s=24&d=retro", "openid": "rsroka.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by rsroka. ", "timestamp": "2021-01-26 20:38:36", "update_id": 275268, "user_id": 91, "id": 1838627, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-01-26 20:38:36", "update_id": 275268, "user_id": 91, "id": 1838628, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-01-26 20:38:36", "update_id": 275268, "user_id": 91, "id": 1838629, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-01-26 21:03:40", "update_id": 275268, "user_id": 91, "id": 1838658, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 23:57:55", "update_id": 275268, "user_id": 989, "id": 1838777, "bug_feedback": [{"karma": 0, "comment_id": 1838777, "bug_id": 1917684, "bug": {"bug_id": 1917684, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1838777, "bug_id": 1920611, "bug": {"bug_id": 1920611, "title": "sudo-1.9.5p2 is available", "security": false, "parent": false}}, {"karma": 0, "comment_id": 1838777, "bug_id": 1920618, "bug": {"bug_id": 1920618, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "tflink", "email": "tflink@tirfa.com", "id": 989, "avatar": "https://seccdn.libravatar.org/avatar/8558723ef14d6036c4d400b19d1e2d25f0460a121211f4215f2ca35458bab498?s=24&d=retro", "openid": "tflink.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "qa-tools-sig"}, {"name": "packager"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "fi-apprentice"}, {"name": "sysadmin-qa"}, {"name": "sysadmin-dns"}, {"name": "qa-automation-shell"}, {"name": "communishift"}, {"name": "sysadmin-upstreamfirst"}, {"name": "qa-beaker-user"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "sysadmin"}, {"name": "hosted-content"}, {"name": "fedora-contributor"}, {"name": "qa"}, {"name": "gitfedora-build-service"}, {"name": "fedora-ci-admins"}, {"name": "ai-ml-sig"}, {"name": "rocm-packagers-sig"}, {"name": "ai-ml-sig-admin"}, {"name": "pytorch-sig"}, {"name": "gitlab-fedora-aiml-maintainer"}, {"name": "gitlab-fedora-aiml-admin"}, {"name": "gitlab-fedora-aiml-developer"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Address the correctly the CVE-2021-3156 and CVE-2021-23239", "timestamp": "2021-01-27 01:11:55", "update_id": 275268, "user_id": 3278, "id": 1838811, "bug_feedback": [{"karma": 0, "comment_id": 1838811, "bug_id": 1917684, "bug": {"bug_id": 1917684, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1838811, "bug_id": 1920611, "bug": {"bug_id": 1920611, "title": "sudo-1.9.5p2 is available", "security": false, "parent": false}}, {"karma": 0, "comment_id": 1838811, "bug_id": 1920618, "bug": {"bug_id": 1920618, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "bt0dotninja", "email": "hotgalan@gmail.com", "id": 3278, "avatar": "https://seccdn.libravatar.org/avatar/c60ab53f3bfe23061b21fd0bd0b53fe94c3322dfc6dc4a7d8d04f7d8efd098f8?s=24&d=retro", "openid": "bt0dotninja.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "fedora-contributor"}, {"name": "dotnet-team"}, {"name": "marketing"}, {"name": "mindshare"}, {"name": "council"}, {"name": "diversity-team"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}, {"name": "commops"}, {"name": "ask-fedora"}, {"name": "fedora-join"}, {"name": "wikiedit"}, {"name": "signed_fpca"}, {"name": "summer-coding"}, {"name": "fedora-mx"}, {"name": "advocates"}, {"name": "ambassadors"}, {"name": "ipausers"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Tested and confirmed working. Did not test CVE vulnerability. ", "timestamp": "2021-01-27 01:18:26", "update_id": 275268, "user_id": 2230, "id": 1838817, "bug_feedback": [{"karma": 0, "comment_id": 1838817, "bug_id": 1917684, "bug": {"bug_id": 1917684, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing", "security": true, "parent": true}}, {"karma": 1, "comment_id": 1838817, "bug_id": 1920611, "bug": {"bug_id": 1920611, "title": "sudo-1.9.5p2 is available", "security": false, "parent": false}}, {"karma": 0, "comment_id": 1838817, "bug_id": 1920618, "bug": {"bug_id": 1920618, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "jflory7", "email": "jwf@redhat.com", "id": 2230, "avatar": "https://seccdn.libravatar.org/avatar/4469e083b5d2e74d25d069ecaa8b9033f3faf5123a756593695811364cf1e70b?s=24&d=retro", "openid": "jflory7.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "docs"}, {"name": "signed_fpca"}, {"name": "websites-apps"}, {"name": "fedora-contributor"}, {"name": "commops"}, {"name": "web"}, {"name": "fi-apprentice"}, {"name": "sysadmin-teleirc"}, {"name": "proton-sig"}, {"name": "fedora-socialmedia"}, {"name": "sysadmin-mote"}, {"name": "marketing"}, {"name": "i3-sig"}, {"name": "summer-coding"}, {"name": "campusambassadors"}, {"name": "magazine"}, {"name": "community-blog"}, {"name": "games-sig"}, {"name": "wikiedit"}, {"name": "fedorabugs"}, {"name": "advocates"}, {"name": "sysadmin"}, {"name": "diversity-team"}, {"name": "ambassadors"}, {"name": "gitfossrit"}, {"name": "gitlab-fedora-dei-admin"}, {"name": "mindshare"}, {"name": "council"}, {"name": "marketing-admin"}, {"name": "gitlab-fedora-admin"}, {"name": "elections"}, {"name": "gitlab-fedora-pride-admin"}, {"name": "diversity-pride"}, {"name": "communishift-commops-datanom"}, {"name": "communishift-commops-analytics"}, {"name": "sysadmin-badges"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Tested CVE vulnerability\n\n`sudoedit -s /` now returns usage rather than error, as per the original disclosure.", "timestamp": "2021-01-27 01:50:11", "update_id": 275268, "user_id": 6180, "id": 1838968, "bug_feedback": [{"karma": 1, "comment_id": 1838968, "bug_id": 1917684, "bug": {"bug_id": 1917684, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing", "security": true, "parent": true}}, {"karma": 1, "comment_id": 1838968, "bug_id": 1920611, "bug": {"bug_id": 1920611, "title": "sudo-1.9.5p2 is available", "security": false, "parent": false}}, {"karma": 1, "comment_id": 1838968, "bug_id": 1920618, "bug": {"bug_id": 1920618, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "mxmeinhold", "email": "mxmeinhold@gmail.com", "id": 6180, "avatar": "https://seccdn.libravatar.org/avatar/5bdf245eb79ce119ead609f660ee9b552b822cc04a3bfbd954827d51b42006ee?s=24&d=retro", "openid": "mxmeinhold.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-01-27 01:51:41", "update_id": 275268, "user_id": 91, "id": 1838990, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2021-01-27 01:51:42", "update_id": 275268, "user_id": 91, "id": 1838992, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:51:51", "update_id": 275268, "user_id": 5041, "id": 1838993, "bug_feedback": [{"karma": 1, "comment_id": 1838993, "bug_id": 1917684, "bug": {"bug_id": 1917684, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing", "security": true, "parent": true}}, {"karma": 1, "comment_id": 1838993, "bug_id": 1920611, "bug": {"bug_id": 1920611, "title": "sudo-1.9.5p2 is available", "security": false, "parent": false}}, {"karma": 1, "comment_id": 1838993, "bug_id": 1920618, "bug": {"bug_id": 1920618, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2021-01-27 04:11:57", "update_id": 275268, "user_id": 91, "id": 1839190, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "sudo-1.9.5p2-1.fc32", "signed": true, "release_id": 35, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1917684, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing", "security": true, "parent": true, "feedback": [{"karma": 1, "comment_id": 1854403, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "WFM", "timestamp": "2021-02-02 03:10:34", "update_id": 275267, "user_id": 5881, "id": 1854403, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 1, "comment_id": 1838670, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "CVE-2021-3156 fixed. (`\"sudoedit -s /\"` returns usage instead of error, as described in [the blog post's FAQ](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit)).", "timestamp": "2021-01-26 21:21:07", "update_id": 275267, "user_id": 3110, "id": 1838670, "testcase_feedback": [], "user": {"name": "gourlaysama", "email": "antoine@gourlay.fr", "id": 3110, "avatar": "https://seccdn.libravatar.org/avatar/bcae65b6122222ddbf1c5ea63779d3ffa101cb66b397c099631143043ebee8a4?s=24&d=retro", "openid": "gourlaysama.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 1838675, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works. Did not validate that the exploit is fixed.", "timestamp": "2021-01-26 21:25:59", "update_id": 275267, "user_id": 1218, "id": 1838675, "testcase_feedback": [], "user": {"name": "mattdm", "email": "mattdm@mattdm.org", "id": 1218, "avatar": "https://seccdn.libravatar.org/avatar/068534faddd1e5a9df8c61a891e66b0ebecab952020aa0fc9ecb2a48911d52d3?s=24&d=retro", "openid": "mattdm.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "discussion-mods-ask"}, {"name": "discussion-mods-centos"}, {"name": "aws-fpl"}, {"name": "discussion-bots"}, {"name": "communishift-mattdm"}, {"name": "common-issues-triage"}, {"name": "admins"}, {"name": "fedora-socialmedia"}, {"name": "aws"}, {"name": "gitspins"}, {"name": "ambassadors"}, {"name": "accounts"}, {"name": "elections"}, {"name": "docs"}, {"name": "council"}, {"name": "aws-cloud-poc"}, {"name": "gitcloud-image-service"}, {"name": "aws-s3"}, {"name": "gitdockerfiles"}, {"name": "irc-support-operators"}, {"name": "signed_fpca"}, {"name": "yak_farmers"}, {"name": "ipausers"}, {"name": "aws-billing"}, {"name": "gitcouncil"}, {"name": "sysadmin"}, {"name": "fedorabugs"}, {"name": "magazine"}, {"name": "wikiedit"}, {"name": "marketing"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "fi-apprentice"}, {"name": "community-blog"}, {"name": "atomic-wg"}, {"name": "aws-fedoramirror"}, {"name": "sysadmin-analysis"}, {"name": "ask-fedora"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-help"}, {"name": "discussion-mods-ask-other"}, {"name": "fesco"}, {"name": "discourse-experiments"}, {"name": "ai-ml-sig-admin"}, {"name": "websites-apps-cms"}]}}}, {"karma": 0, "comment_id": 1838743, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-01-26 22:55:45", "update_id": 275267, "user_id": 2590, "id": 1838743, "testcase_feedback": [], "user": {"name": "ttrinks", "email": "fedora@bitskids.de", "id": 2590, "avatar": "https://seccdn.libravatar.org/avatar/e2e0418d4f24efaaa36b60822d7c73dfd13ce779b10ed1fe1e316303d8ee7ec8?s=24&d=retro", "openid": "ttrinks.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "cla_redhat"}, {"name": "svnpublican"}]}}}, {"karma": 1, "comment_id": 1838774, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "I installed the following packages:\n\nsudo dnf install https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-1.9.5p2-1.fc33.x86_64.rpm https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-python-plugin-1.9.5p2-1.fc33.x86_64.rpm\n\n=> rpm -q sudo says \"sudo-1.9.5p2-1.fc33.x86_64\"\n\nVulnerability check using (cd /; sudoedit -s '\\' xxxxxxxxxxxx) command:\n* Before: \"sudoedit: malloc.c:2394: sysmalloc: Assertion (...) failed.\"\n* After: \"usage: sudoedit [-AknS] [-r role] (...)\"\n\nsudo  --version:\n* Before: Sudo version 1.9.5p1\n* After: Sudo version 1.9.5p2\n\nNote: but I failed to test the update in the usual way, \"sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-2cb63d912a\" doesn't find any update.", "timestamp": "2021-01-26 23:39:28", "update_id": 275267, "user_id": 4816, "id": 1838774, "testcase_feedback": [], "user": {"name": "vstinner", "email": "vstinner@redhat.com", "id": 4816, "avatar": "https://seccdn.libravatar.org/avatar/d2f7bd7bb2607f134069719c7002d45a59f380679c8268748978ccc8090414ed?s=24&d=retro", "openid": "vstinner.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 1838777, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 23:57:55", "update_id": 275268, "user_id": 989, "id": 1838777, "testcase_feedback": [], "user": {"name": "tflink", "email": "tflink@tirfa.com", "id": 989, "avatar": "https://seccdn.libravatar.org/avatar/8558723ef14d6036c4d400b19d1e2d25f0460a121211f4215f2ca35458bab498?s=24&d=retro", "openid": "tflink.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "qa-tools-sig"}, {"name": "packager"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "fi-apprentice"}, {"name": "sysadmin-qa"}, {"name": "sysadmin-dns"}, {"name": "qa-automation-shell"}, {"name": "communishift"}, {"name": "sysadmin-upstreamfirst"}, {"name": "qa-beaker-user"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "sysadmin"}, {"name": "hosted-content"}, {"name": "fedora-contributor"}, {"name": "qa"}, {"name": "gitfedora-build-service"}, {"name": "fedora-ci-admins"}, {"name": "ai-ml-sig"}, {"name": "rocm-packagers-sig"}, {"name": "ai-ml-sig-admin"}, {"name": "pytorch-sig"}, {"name": "gitlab-fedora-aiml-maintainer"}, {"name": "gitlab-fedora-aiml-admin"}, {"name": "gitlab-fedora-aiml-developer"}]}}}, {"karma": 1, "comment_id": 1838810, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Fixes vulnerability (tested using `sudoedit -s /` old output: \"`sudoedit: /: not a regular file`\" new output: \"`usage: sudoedit`\")", "timestamp": "2021-01-27 01:03:18", "update_id": 275267, "user_id": 6023, "id": 1838810, "testcase_feedback": [], "user": {"name": "uwueviee", "email": "evie.viau@gmail.com", "id": 6023, "avatar": "https://seccdn.libravatar.org/avatar/1c0510200c4f54421647e2833f39f26191b61ba7a47641b7abbb37ccf43bfc63?s=24&d=retro", "openid": "uwueviee.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1838811, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Address the correctly the CVE-2021-3156 and CVE-2021-23239", "timestamp": "2021-01-27 01:11:55", "update_id": 275268, "user_id": 3278, "id": 1838811, "testcase_feedback": [], "user": {"name": "bt0dotninja", "email": "hotgalan@gmail.com", "id": 3278, "avatar": "https://seccdn.libravatar.org/avatar/c60ab53f3bfe23061b21fd0bd0b53fe94c3322dfc6dc4a7d8d04f7d8efd098f8?s=24&d=retro", "openid": "bt0dotninja.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "fedora-contributor"}, {"name": "dotnet-team"}, {"name": "marketing"}, {"name": "mindshare"}, {"name": "council"}, {"name": "diversity-team"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}, {"name": "commops"}, {"name": "ask-fedora"}, {"name": "fedora-join"}, {"name": "wikiedit"}, {"name": "signed_fpca"}, {"name": "summer-coding"}, {"name": "fedora-mx"}, {"name": "advocates"}, {"name": "ambassadors"}, {"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 1838817, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested and confirmed working. Did not test CVE vulnerability. ", "timestamp": "2021-01-27 01:18:26", "update_id": 275268, "user_id": 2230, "id": 1838817, "testcase_feedback": [], "user": {"name": "jflory7", "email": "jwf@redhat.com", "id": 2230, "avatar": "https://seccdn.libravatar.org/avatar/4469e083b5d2e74d25d069ecaa8b9033f3faf5123a756593695811364cf1e70b?s=24&d=retro", "openid": "jflory7.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "docs"}, {"name": "signed_fpca"}, {"name": "websites-apps"}, {"name": "fedora-contributor"}, {"name": "commops"}, {"name": "web"}, {"name": "fi-apprentice"}, {"name": "sysadmin-teleirc"}, {"name": "proton-sig"}, {"name": "fedora-socialmedia"}, {"name": "sysadmin-mote"}, {"name": "marketing"}, {"name": "i3-sig"}, {"name": "summer-coding"}, {"name": "campusambassadors"}, {"name": "magazine"}, {"name": "community-blog"}, {"name": "games-sig"}, {"name": "wikiedit"}, {"name": "fedorabugs"}, {"name": "advocates"}, {"name": "sysadmin"}, {"name": "diversity-team"}, {"name": "ambassadors"}, {"name": "gitfossrit"}, {"name": "gitlab-fedora-dei-admin"}, {"name": "mindshare"}, {"name": "council"}, {"name": "marketing-admin"}, {"name": "gitlab-fedora-admin"}, {"name": "elections"}, {"name": "gitlab-fedora-pride-admin"}, {"name": "diversity-pride"}, {"name": "communishift-commops-datanom"}, {"name": "communishift-commops-analytics"}, {"name": "sysadmin-badges"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 1838918, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:32:24", "update_id": 275267, "user_id": 5041, "id": 1838918, "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1838968, "bug_id": 1917684, "comment": {"karma": 0, "karma_critpath": 0, "text": "Tested CVE vulnerability\n\n`sudoedit -s /` now returns usage rather than error, as per the original disclosure.", "timestamp": "2021-01-27 01:50:11", "update_id": 275268, "user_id": 6180, "id": 1838968, "testcase_feedback": [], "user": {"name": "mxmeinhold", "email": "mxmeinhold@gmail.com", "id": 6180, "avatar": "https://seccdn.libravatar.org/avatar/5bdf245eb79ce119ead609f660ee9b552b822cc04a3bfbd954827d51b42006ee?s=24&d=retro", "openid": "mxmeinhold.id.fedoraproject.org", "groups": []}}}, {"karma": 1, "comment_id": 1838993, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:51:51", "update_id": 275268, "user_id": 5041, "id": 1838993, "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1839993, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-27 17:37:53", "update_id": 275267, "user_id": 5615, "id": 1839993, "testcase_feedback": [], "user": {"name": "ersen", "email": "oguz@ersen.moe", "id": 5615, "avatar": "https://seccdn.libravatar.org/avatar/b7a62226e7d88529ca69787274bacac45092c0f9bc56e521090d83f859529ce4?s=24&d=retro", "openid": "ersen.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "l10n"}, {"name": "fedora-join"}, {"name": "ask-fedora"}]}}}, {"karma": 1, "comment_id": 1838749, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 22:58:03", "update_id": 275267, "user_id": 1501, "id": 1838749, "testcase_feedback": [], "user": {"name": "edwintorok", "email": "edwin+bugs@etorok.net", "id": 1501, "avatar": "https://seccdn.libravatar.org/avatar/9a0c04f4f1519665012763c19bb0ce32971640f0eed3d747d6ea718092be5e71?s=24&d=retro", "openid": "edwintorok.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1839211, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-01-27 05:43:08", "update_id": 275267, "user_id": 4555, "id": 1839211, "testcase_feedback": [], "user": {"name": "t3rm1n4l", "email": "stealthcipher@gmail.com", "id": 4555, "avatar": "https://seccdn.libravatar.org/avatar/cb6c19faf9628e1df86e8566dea353017cb4d032ca56ef353fdb860693df9fef?s=24&d=retro", "openid": "t3rm1n4l.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1840261, "bug_id": 1917684, "comment": {"karma": 1, "karma_critpath": 0, "text": "Worked here", "timestamp": "2021-01-27 22:12:33", "update_id": 275267, "user_id": 6186, "id": 1840261, "testcase_feedback": [], "user": {"name": "odilhao", "email": "odilon.junior93@gmail.com", "id": 6186, "avatar": "https://seccdn.libravatar.org/avatar/51fe728c4cdbfffb3b7a9c04939b6a1b8ca904ffcbd1e23baa57311809adbf82?s=24&d=retro", "openid": "odilhao.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "i3-sig"}]}}}]}, {"bug_id": 1920611, "title": "sudo-1.9.5p2 is available", "security": false, "parent": false, "feedback": [{"karma": 1, "comment_id": 1854403, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "WFM", "timestamp": "2021-02-02 03:10:34", "update_id": 275267, "user_id": 5881, "id": 1854403, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 1, "comment_id": 1838670, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "CVE-2021-3156 fixed. (`\"sudoedit -s /\"` returns usage instead of error, as described in [the blog post's FAQ](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit)).", "timestamp": "2021-01-26 21:21:07", "update_id": 275267, "user_id": 3110, "id": 1838670, "testcase_feedback": [], "user": {"name": "gourlaysama", "email": "antoine@gourlay.fr", "id": 3110, "avatar": "https://seccdn.libravatar.org/avatar/bcae65b6122222ddbf1c5ea63779d3ffa101cb66b397c099631143043ebee8a4?s=24&d=retro", "openid": "gourlaysama.id.fedoraproject.org", "groups": []}}}, {"karma": 1, "comment_id": 1838675, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works. Did not validate that the exploit is fixed.", "timestamp": "2021-01-26 21:25:59", "update_id": 275267, "user_id": 1218, "id": 1838675, "testcase_feedback": [], "user": {"name": "mattdm", "email": "mattdm@mattdm.org", "id": 1218, "avatar": "https://seccdn.libravatar.org/avatar/068534faddd1e5a9df8c61a891e66b0ebecab952020aa0fc9ecb2a48911d52d3?s=24&d=retro", "openid": "mattdm.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "discussion-mods-ask"}, {"name": "discussion-mods-centos"}, {"name": "aws-fpl"}, {"name": "discussion-bots"}, {"name": "communishift-mattdm"}, {"name": "common-issues-triage"}, {"name": "admins"}, {"name": "fedora-socialmedia"}, {"name": "aws"}, {"name": "gitspins"}, {"name": "ambassadors"}, {"name": "accounts"}, {"name": "elections"}, {"name": "docs"}, {"name": "council"}, {"name": "aws-cloud-poc"}, {"name": "gitcloud-image-service"}, {"name": "aws-s3"}, {"name": "gitdockerfiles"}, {"name": "irc-support-operators"}, {"name": "signed_fpca"}, {"name": "yak_farmers"}, {"name": "ipausers"}, {"name": "aws-billing"}, {"name": "gitcouncil"}, {"name": "sysadmin"}, {"name": "fedorabugs"}, {"name": "magazine"}, {"name": "wikiedit"}, {"name": "marketing"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "fi-apprentice"}, {"name": "community-blog"}, {"name": "atomic-wg"}, {"name": "aws-fedoramirror"}, {"name": "sysadmin-analysis"}, {"name": "ask-fedora"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-help"}, {"name": "discussion-mods-ask-other"}, {"name": "fesco"}, {"name": "discourse-experiments"}, {"name": "ai-ml-sig-admin"}, {"name": "websites-apps-cms"}]}}}, {"karma": 0, "comment_id": 1838743, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-01-26 22:55:45", "update_id": 275267, "user_id": 2590, "id": 1838743, "testcase_feedback": [], "user": {"name": "ttrinks", "email": "fedora@bitskids.de", "id": 2590, "avatar": "https://seccdn.libravatar.org/avatar/e2e0418d4f24efaaa36b60822d7c73dfd13ce779b10ed1fe1e316303d8ee7ec8?s=24&d=retro", "openid": "ttrinks.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "cla_redhat"}, {"name": "svnpublican"}]}}}, {"karma": 1, "comment_id": 1838774, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "I installed the following packages:\n\nsudo dnf install https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-1.9.5p2-1.fc33.x86_64.rpm https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-python-plugin-1.9.5p2-1.fc33.x86_64.rpm\n\n=> rpm -q sudo says \"sudo-1.9.5p2-1.fc33.x86_64\"\n\nVulnerability check using (cd /; sudoedit -s '\\' xxxxxxxxxxxx) command:\n* Before: \"sudoedit: malloc.c:2394: sysmalloc: Assertion (...) failed.\"\n* After: \"usage: sudoedit [-AknS] [-r role] (...)\"\n\nsudo  --version:\n* Before: Sudo version 1.9.5p1\n* After: Sudo version 1.9.5p2\n\nNote: but I failed to test the update in the usual way, \"sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-2cb63d912a\" doesn't find any update.", "timestamp": "2021-01-26 23:39:28", "update_id": 275267, "user_id": 4816, "id": 1838774, "testcase_feedback": [], "user": {"name": "vstinner", "email": "vstinner@redhat.com", "id": 4816, "avatar": "https://seccdn.libravatar.org/avatar/d2f7bd7bb2607f134069719c7002d45a59f380679c8268748978ccc8090414ed?s=24&d=retro", "openid": "vstinner.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 1838777, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 23:57:55", "update_id": 275268, "user_id": 989, "id": 1838777, "testcase_feedback": [], "user": {"name": "tflink", "email": "tflink@tirfa.com", "id": 989, "avatar": "https://seccdn.libravatar.org/avatar/8558723ef14d6036c4d400b19d1e2d25f0460a121211f4215f2ca35458bab498?s=24&d=retro", "openid": "tflink.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "qa-tools-sig"}, {"name": "packager"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "fi-apprentice"}, {"name": "sysadmin-qa"}, {"name": "sysadmin-dns"}, {"name": "qa-automation-shell"}, {"name": "communishift"}, {"name": "sysadmin-upstreamfirst"}, {"name": "qa-beaker-user"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "sysadmin"}, {"name": "hosted-content"}, {"name": "fedora-contributor"}, {"name": "qa"}, {"name": "gitfedora-build-service"}, {"name": "fedora-ci-admins"}, {"name": "ai-ml-sig"}, {"name": "rocm-packagers-sig"}, {"name": "ai-ml-sig-admin"}, {"name": "pytorch-sig"}, {"name": "gitlab-fedora-aiml-maintainer"}, {"name": "gitlab-fedora-aiml-admin"}, {"name": "gitlab-fedora-aiml-developer"}]}}}, {"karma": 1, "comment_id": 1838810, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Fixes vulnerability (tested using `sudoedit -s /` old output: \"`sudoedit: /: not a regular file`\" new output: \"`usage: sudoedit`\")", "timestamp": "2021-01-27 01:03:18", "update_id": 275267, "user_id": 6023, "id": 1838810, "testcase_feedback": [], "user": {"name": "uwueviee", "email": "evie.viau@gmail.com", "id": 6023, "avatar": "https://seccdn.libravatar.org/avatar/1c0510200c4f54421647e2833f39f26191b61ba7a47641b7abbb37ccf43bfc63?s=24&d=retro", "openid": "uwueviee.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1838811, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Address the correctly the CVE-2021-3156 and CVE-2021-23239", "timestamp": "2021-01-27 01:11:55", "update_id": 275268, "user_id": 3278, "id": 1838811, "testcase_feedback": [], "user": {"name": "bt0dotninja", "email": "hotgalan@gmail.com", "id": 3278, "avatar": "https://seccdn.libravatar.org/avatar/c60ab53f3bfe23061b21fd0bd0b53fe94c3322dfc6dc4a7d8d04f7d8efd098f8?s=24&d=retro", "openid": "bt0dotninja.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "fedora-contributor"}, {"name": "dotnet-team"}, {"name": "marketing"}, {"name": "mindshare"}, {"name": "council"}, {"name": "diversity-team"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}, {"name": "commops"}, {"name": "ask-fedora"}, {"name": "fedora-join"}, {"name": "wikiedit"}, {"name": "signed_fpca"}, {"name": "summer-coding"}, {"name": "fedora-mx"}, {"name": "advocates"}, {"name": "ambassadors"}, {"name": "ipausers"}]}}}, {"karma": 1, "comment_id": 1838817, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested and confirmed working. Did not test CVE vulnerability. ", "timestamp": "2021-01-27 01:18:26", "update_id": 275268, "user_id": 2230, "id": 1838817, "testcase_feedback": [], "user": {"name": "jflory7", "email": "jwf@redhat.com", "id": 2230, "avatar": "https://seccdn.libravatar.org/avatar/4469e083b5d2e74d25d069ecaa8b9033f3faf5123a756593695811364cf1e70b?s=24&d=retro", "openid": "jflory7.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "docs"}, {"name": "signed_fpca"}, {"name": "websites-apps"}, {"name": "fedora-contributor"}, {"name": "commops"}, {"name": "web"}, {"name": "fi-apprentice"}, {"name": "sysadmin-teleirc"}, {"name": "proton-sig"}, {"name": "fedora-socialmedia"}, {"name": "sysadmin-mote"}, {"name": "marketing"}, {"name": "i3-sig"}, {"name": "summer-coding"}, {"name": "campusambassadors"}, {"name": "magazine"}, {"name": "community-blog"}, {"name": "games-sig"}, {"name": "wikiedit"}, {"name": "fedorabugs"}, {"name": "advocates"}, {"name": "sysadmin"}, {"name": "diversity-team"}, {"name": "ambassadors"}, {"name": "gitfossrit"}, {"name": "gitlab-fedora-dei-admin"}, {"name": "mindshare"}, {"name": "council"}, {"name": "marketing-admin"}, {"name": "gitlab-fedora-admin"}, {"name": "elections"}, {"name": "gitlab-fedora-pride-admin"}, {"name": "diversity-pride"}, {"name": "communishift-commops-datanom"}, {"name": "communishift-commops-analytics"}, {"name": "sysadmin-badges"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 1838918, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:32:24", "update_id": 275267, "user_id": 5041, "id": 1838918, "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1838968, "bug_id": 1920611, "comment": {"karma": 0, "karma_critpath": 0, "text": "Tested CVE vulnerability\n\n`sudoedit -s /` now returns usage rather than error, as per the original disclosure.", "timestamp": "2021-01-27 01:50:11", "update_id": 275268, "user_id": 6180, "id": 1838968, "testcase_feedback": [], "user": {"name": "mxmeinhold", "email": "mxmeinhold@gmail.com", "id": 6180, "avatar": "https://seccdn.libravatar.org/avatar/5bdf245eb79ce119ead609f660ee9b552b822cc04a3bfbd954827d51b42006ee?s=24&d=retro", "openid": "mxmeinhold.id.fedoraproject.org", "groups": []}}}, {"karma": 1, "comment_id": 1838993, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:51:51", "update_id": 275268, "user_id": 5041, "id": 1838993, "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 1839993, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-27 17:37:53", "update_id": 275267, "user_id": 5615, "id": 1839993, "testcase_feedback": [], "user": {"name": "ersen", "email": "oguz@ersen.moe", "id": 5615, "avatar": "https://seccdn.libravatar.org/avatar/b7a62226e7d88529ca69787274bacac45092c0f9bc56e521090d83f859529ce4?s=24&d=retro", "openid": "ersen.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "l10n"}, {"name": "fedora-join"}, {"name": "ask-fedora"}]}}}, {"karma": 0, "comment_id": 1838749, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 22:58:03", "update_id": 275267, "user_id": 1501, "id": 1838749, "testcase_feedback": [], "user": {"name": "edwintorok", "email": "edwin+bugs@etorok.net", "id": 1501, "avatar": "https://seccdn.libravatar.org/avatar/9a0c04f4f1519665012763c19bb0ce32971640f0eed3d747d6ea718092be5e71?s=24&d=retro", "openid": "edwintorok.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1839211, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-01-27 05:43:08", "update_id": 275267, "user_id": 4555, "id": 1839211, "testcase_feedback": [], "user": {"name": "t3rm1n4l", "email": "stealthcipher@gmail.com", "id": 4555, "avatar": "https://seccdn.libravatar.org/avatar/cb6c19faf9628e1df86e8566dea353017cb4d032ca56ef353fdb860693df9fef?s=24&d=retro", "openid": "t3rm1n4l.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1840261, "bug_id": 1920611, "comment": {"karma": 1, "karma_critpath": 0, "text": "Worked here", "timestamp": "2021-01-27 22:12:33", "update_id": 275267, "user_id": 6186, "id": 1840261, "testcase_feedback": [], "user": {"name": "odilhao", "email": "odilon.junior93@gmail.com", "id": 6186, "avatar": "https://seccdn.libravatar.org/avatar/51fe728c4cdbfffb3b7a9c04939b6a1b8ca904ffcbd1e23baa57311809adbf82?s=24&d=retro", "openid": "odilhao.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "i3-sig"}]}}}]}, {"bug_id": 1920618, "title": "CVE-2021-3156 sudo: Heap buffer overflow in argument parsing [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 1, "comment_id": 1854403, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "WFM", "timestamp": "2021-02-02 03:10:34", "update_id": 275267, "user_id": 5881, "id": 1854403, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 1, "comment_id": 1838670, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "CVE-2021-3156 fixed. (`\"sudoedit -s /\"` returns usage instead of error, as described in [the blog post's FAQ](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit)).", "timestamp": "2021-01-26 21:21:07", "update_id": 275267, "user_id": 3110, "id": 1838670, "testcase_feedback": [], "user": {"name": "gourlaysama", "email": "antoine@gourlay.fr", "id": 3110, "avatar": "https://seccdn.libravatar.org/avatar/bcae65b6122222ddbf1c5ea63779d3ffa101cb66b397c099631143043ebee8a4?s=24&d=retro", "openid": "gourlaysama.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 1838675, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works. Did not validate that the exploit is fixed.", "timestamp": "2021-01-26 21:25:59", "update_id": 275267, "user_id": 1218, "id": 1838675, "testcase_feedback": [], "user": {"name": "mattdm", "email": "mattdm@mattdm.org", "id": 1218, "avatar": "https://seccdn.libravatar.org/avatar/068534faddd1e5a9df8c61a891e66b0ebecab952020aa0fc9ecb2a48911d52d3?s=24&d=retro", "openid": "mattdm.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "discussion-mods-ask"}, {"name": "discussion-mods-centos"}, {"name": "aws-fpl"}, {"name": "discussion-bots"}, {"name": "communishift-mattdm"}, {"name": "common-issues-triage"}, {"name": "admins"}, {"name": "fedora-socialmedia"}, {"name": "aws"}, {"name": "gitspins"}, {"name": "ambassadors"}, {"name": "accounts"}, {"name": "elections"}, {"name": "docs"}, {"name": "council"}, {"name": "aws-cloud-poc"}, {"name": "gitcloud-image-service"}, {"name": "aws-s3"}, {"name": "gitdockerfiles"}, {"name": "irc-support-operators"}, {"name": "signed_fpca"}, {"name": "yak_farmers"}, {"name": "ipausers"}, {"name": "aws-billing"}, {"name": "gitcouncil"}, {"name": "sysadmin"}, {"name": "fedorabugs"}, {"name": "magazine"}, {"name": "wikiedit"}, {"name": "marketing"}, {"name": "gitspin-kickstarts"}, {"name": "fedora-contributor"}, {"name": "fi-apprentice"}, {"name": "community-blog"}, {"name": "atomic-wg"}, {"name": "aws-fedoramirror"}, {"name": "sysadmin-analysis"}, {"name": "ask-fedora"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-help"}, {"name": "discussion-mods-ask-other"}, {"name": "fesco"}, {"name": "discourse-experiments"}, {"name": "ai-ml-sig-admin"}, {"name": "websites-apps-cms"}]}}}, {"karma": 0, "comment_id": 1838743, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-01-26 22:55:45", "update_id": 275267, "user_id": 2590, "id": 1838743, "testcase_feedback": [], "user": {"name": "ttrinks", "email": "fedora@bitskids.de", "id": 2590, "avatar": "https://seccdn.libravatar.org/avatar/e2e0418d4f24efaaa36b60822d7c73dfd13ce779b10ed1fe1e316303d8ee7ec8?s=24&d=retro", "openid": "ttrinks.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "cla_redhat"}, {"name": "svnpublican"}]}}}, {"karma": 1, "comment_id": 1838774, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "I installed the following packages:\n\nsudo dnf install https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-1.9.5p2-1.fc33.x86_64.rpm https://kojipkgs.fedoraproject.org//packages/sudo/1.9.5p2/1.fc33/x86_64/sudo-python-plugin-1.9.5p2-1.fc33.x86_64.rpm\n\n=> rpm -q sudo says \"sudo-1.9.5p2-1.fc33.x86_64\"\n\nVulnerability check using (cd /; sudoedit -s '\\' xxxxxxxxxxxx) command:\n* Before: \"sudoedit: malloc.c:2394: sysmalloc: Assertion (...) failed.\"\n* After: \"usage: sudoedit [-AknS] [-r role] (...)\"\n\nsudo  --version:\n* Before: Sudo version 1.9.5p1\n* After: Sudo version 1.9.5p2\n\nNote: but I failed to test the update in the usual way, \"sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-2cb63d912a\" doesn't find any update.", "timestamp": "2021-01-26 23:39:28", "update_id": 275267, "user_id": 4816, "id": 1838774, "testcase_feedback": [], "user": {"name": "vstinner", "email": "vstinner@redhat.com", "id": 4816, "avatar": "https://seccdn.libravatar.org/avatar/d2f7bd7bb2607f134069719c7002d45a59f380679c8268748978ccc8090414ed?s=24&d=retro", "openid": "vstinner.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 1838777, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 23:57:55", "update_id": 275268, "user_id": 989, "id": 1838777, "testcase_feedback": [], "user": {"name": "tflink", "email": "tflink@tirfa.com", "id": 989, "avatar": "https://seccdn.libravatar.org/avatar/8558723ef14d6036c4d400b19d1e2d25f0460a121211f4215f2ca35458bab498?s=24&d=retro", "openid": "tflink.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "qa-tools-sig"}, {"name": "packager"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "fi-apprentice"}, {"name": "sysadmin-qa"}, {"name": "sysadmin-dns"}, {"name": "qa-automation-shell"}, {"name": "communishift"}, {"name": "sysadmin-upstreamfirst"}, {"name": "qa-beaker-user"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "sysadmin"}, {"name": "hosted-content"}, {"name": "fedora-contributor"}, {"name": "qa"}, {"name": "gitfedora-build-service"}, {"name": "fedora-ci-admins"}, {"name": "ai-ml-sig"}, {"name": "rocm-packagers-sig"}, {"name": "ai-ml-sig-admin"}, {"name": "pytorch-sig"}, {"name": "gitlab-fedora-aiml-maintainer"}, {"name": "gitlab-fedora-aiml-admin"}, {"name": "gitlab-fedora-aiml-developer"}]}}}, {"karma": 1, "comment_id": 1838810, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Fixes vulnerability (tested using `sudoedit -s /` old output: \"`sudoedit: /: not a regular file`\" new output: \"`usage: sudoedit`\")", "timestamp": "2021-01-27 01:03:18", "update_id": 275267, "user_id": 6023, "id": 1838810, "testcase_feedback": [], "user": {"name": "uwueviee", "email": "evie.viau@gmail.com", "id": 6023, "avatar": "https://seccdn.libravatar.org/avatar/1c0510200c4f54421647e2833f39f26191b61ba7a47641b7abbb37ccf43bfc63?s=24&d=retro", "openid": "uwueviee.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1838811, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Address the correctly the CVE-2021-3156 and CVE-2021-23239", "timestamp": "2021-01-27 01:11:55", "update_id": 275268, "user_id": 3278, "id": 1838811, "testcase_feedback": [], "user": {"name": "bt0dotninja", "email": "hotgalan@gmail.com", "id": 3278, "avatar": "https://seccdn.libravatar.org/avatar/c60ab53f3bfe23061b21fd0bd0b53fe94c3322dfc6dc4a7d8d04f7d8efd098f8?s=24&d=retro", "openid": "bt0dotninja.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "fedora-contributor"}, {"name": "dotnet-team"}, {"name": "marketing"}, {"name": "mindshare"}, {"name": "council"}, {"name": "diversity-team"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}, {"name": "commops"}, {"name": "ask-fedora"}, {"name": "fedora-join"}, {"name": "wikiedit"}, {"name": "signed_fpca"}, {"name": "summer-coding"}, {"name": "fedora-mx"}, {"name": "advocates"}, {"name": "ambassadors"}, {"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 1838817, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested and confirmed working. Did not test CVE vulnerability. ", "timestamp": "2021-01-27 01:18:26", "update_id": 275268, "user_id": 2230, "id": 1838817, "testcase_feedback": [], "user": {"name": "jflory7", "email": "jwf@redhat.com", "id": 2230, "avatar": "https://seccdn.libravatar.org/avatar/4469e083b5d2e74d25d069ecaa8b9033f3faf5123a756593695811364cf1e70b?s=24&d=retro", "openid": "jflory7.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "docs"}, {"name": "signed_fpca"}, {"name": "websites-apps"}, {"name": "fedora-contributor"}, {"name": "commops"}, {"name": "web"}, {"name": "fi-apprentice"}, {"name": "sysadmin-teleirc"}, {"name": "proton-sig"}, {"name": "fedora-socialmedia"}, {"name": "sysadmin-mote"}, {"name": "marketing"}, {"name": "i3-sig"}, {"name": "summer-coding"}, {"name": "campusambassadors"}, {"name": "magazine"}, {"name": "community-blog"}, {"name": "games-sig"}, {"name": "wikiedit"}, {"name": "fedorabugs"}, {"name": "advocates"}, {"name": "sysadmin"}, {"name": "diversity-team"}, {"name": "ambassadors"}, {"name": "gitfossrit"}, {"name": "gitlab-fedora-dei-admin"}, {"name": "mindshare"}, {"name": "council"}, {"name": "marketing-admin"}, {"name": "gitlab-fedora-admin"}, {"name": "elections"}, {"name": "gitlab-fedora-pride-admin"}, {"name": "diversity-pride"}, {"name": "communishift-commops-datanom"}, {"name": "communishift-commops-analytics"}, {"name": "sysadmin-badges"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 1838918, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:32:24", "update_id": 275267, "user_id": 5041, "id": 1838918, "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1838968, "bug_id": 1920618, "comment": {"karma": 0, "karma_critpath": 0, "text": "Tested CVE vulnerability\n\n`sudoedit -s /` now returns usage rather than error, as per the original disclosure.", "timestamp": "2021-01-27 01:50:11", "update_id": 275268, "user_id": 6180, "id": 1838968, "testcase_feedback": [], "user": {"name": "mxmeinhold", "email": "mxmeinhold@gmail.com", "id": 6180, "avatar": "https://seccdn.libravatar.org/avatar/5bdf245eb79ce119ead609f660ee9b552b822cc04a3bfbd954827d51b42006ee?s=24&d=retro", "openid": "mxmeinhold.id.fedoraproject.org", "groups": []}}}, {"karma": 1, "comment_id": 1838993, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works well.", "timestamp": "2021-01-27 01:51:51", "update_id": 275268, "user_id": 5041, "id": 1838993, "testcase_feedback": [], "user": {"name": "scorreia", "email": "scorreia@redhat.com", "id": 5041, "avatar": "https://seccdn.libravatar.org/avatar/5f83ed6eac4bb1403c88508f87162f1b1a11cf80de64422efbeecd359a92f6ce?s=24&d=retro", "openid": "scorreia.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1839993, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-27 17:37:53", "update_id": 275267, "user_id": 5615, "id": 1839993, "testcase_feedback": [], "user": {"name": "ersen", "email": "oguz@ersen.moe", "id": 5615, "avatar": "https://seccdn.libravatar.org/avatar/b7a62226e7d88529ca69787274bacac45092c0f9bc56e521090d83f859529ce4?s=24&d=retro", "openid": "ersen.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "l10n"}, {"name": "fedora-join"}, {"name": "ask-fedora"}]}}}, {"karma": 1, "comment_id": 1838749, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-26 22:58:03", "update_id": 275267, "user_id": 1501, "id": 1838749, "testcase_feedback": [], "user": {"name": "edwintorok", "email": "edwin+bugs@etorok.net", "id": 1501, "avatar": "https://seccdn.libravatar.org/avatar/9a0c04f4f1519665012763c19bb0ce32971640f0eed3d747d6ea718092be5e71?s=24&d=retro", "openid": "edwintorok.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1839211, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-01-27 05:43:08", "update_id": 275267, "user_id": 4555, "id": 1839211, "testcase_feedback": [], "user": {"name": "t3rm1n4l", "email": "stealthcipher@gmail.com", "id": 4555, "avatar": "https://seccdn.libravatar.org/avatar/cb6c19faf9628e1df86e8566dea353017cb4d032ca56ef353fdb860693df9fef?s=24&d=retro", "openid": "t3rm1n4l.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 1840261, "bug_id": 1920618, "comment": {"karma": 1, "karma_critpath": 0, "text": "Worked here", "timestamp": "2021-01-27 22:12:33", "update_id": 275267, "user_id": 6186, "id": 1840261, "testcase_feedback": [], "user": {"name": "odilhao", "email": "odilon.junior93@gmail.com", "id": 6186, "avatar": "https://seccdn.libravatar.org/avatar/51fe728c4cdbfffb3b7a9c04939b6a1b8ca904ffcbd1e23baa57311809adbf82?s=24&d=retro", "openid": "odilhao.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "i3-sig"}]}}}]}], "updateid": "FEDORA-2021-8840cbdccd", "karma": 4, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}