There’s a security update for the sudo package in recent Slackware versions. This includes 8.1, 9.0, 9.1, 10.0, 10.1 and current. A race condition could allow a user with sudo privileges to run arbitrary commands. Details are as follows:
Here are the details from the Slackware 10.1 ChangeLog:
patches/packages/sudo-1.6.8p9-i486-1.tgz: Upgraded to sudo-1.6.8p9.
This new version of Sudo fixes a race condition in command pathname handling that could allow a user with Sudo privileges to run arbitrary commands.
For full details, see the Sudo site:
(* Security fix *)
You can use the Slackware package browser to obtain an updated version of this package for your Slackware installation. Lazier and smarter people like me will use updating tools such as Swaret or slapt-get 🙂