Candidate: CVE-2015-8239
PublicDate: 2017-10-10 16:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8239
 http://www.openwall.com/lists/oss-security/2015/11/10/2
 https://www.sudo.ws/stable.html#1.8.16
Description:
 The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows
 local users with write permissions to parts of the called command to
 replace them before it is executed.
Ubuntu-Description:
Notes:
 sbeattie> command digests are available only in 1.8.7 and higher
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H [7.0 HIGH]

Patches_sudo:
 upstream: https://www.sudo.ws/repos/sudo/rev/397722cdd7ec
upstream_sudo: released (1.8.16)
precise_sudo: ignored (reached end-of-life)
precise/esm_sudo: not-affected (code does not exist)
trusty_sudo: ignored (reached end-of-life)
trusty/esm_sudo: needed
vivid_sudo: ignored (reached end-of-life)
vivid/stable-phone-overlay_sudo: ignored (reached end-of-life)
vivid/ubuntu-core_sudo: ignored (reached end-of-life)
wily_sudo: ignored (reached end-of-life)
xenial_sudo: not-affected (1.8.16-0ubuntu1)
esm-infra/xenial_sudo: not-affected (1.8.16-0ubuntu1)
yakkety_sudo: not-affected (1.8.16-0ubuntu1)
zesty_sudo: not-affected (1.8.16-0ubuntu1)
artful_sudo: not-affected (1.8.16-0ubuntu1)
bionic_sudo: not-affected (1.8.16-0ubuntu1)
cosmic_sudo: not-affected (1.8.16-0ubuntu1)
disco_sudo: not-affected (1.8.16-0ubuntu1)
eoan_sudo: not-affected (1.8.16-0ubuntu1)
focal_sudo: not-affected (1.8.16-0ubuntu1)
groovy_sudo: not-affected (1.8.16-0ubuntu1)
hirsute_sudo: not-affected (1.8.16-0ubuntu1)
impish_sudo: not-affected (1.8.16-0ubuntu1)
jammy_sudo: not-affected (1.8.16-0ubuntu1)
devel_sudo: not-affected (1.8.16-0ubuntu1)