Sophie: sudo-1:1.6.9p5-1.1mdv2008.0 src

sudo-1.6.9p5-1.1mdv2008.0.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

diff -p -up sudo-1.6.9p17/parse.c.CVE-2009-0034 sudo-1.6.9p17/parse.c
--- sudo-1.6.9p17/parse.c.CVE-2009-0034	2009-02-03 22:58:41.000000000 -0200
+++ sudo-1.6.9p17/parse.c	2009-02-03 22:59:20.000000000 -0200
@@ -621,10 +621,12 @@ usergr_matches(group, user, pw)
     /*
      * If the user has a supplementary group vector, check it first.
      */
-    for (i = 0; i < user_ngroups; i++) {
-	if (grp->gr_gid == user_groups[i])
-	    return(TRUE);
-    }
+    if (strcmp(user, user_name) == 0) {
+       for (i = 0; i < user_ngroups; i++) {
+           if (grp->gr_gid == user_groups[i])
+               return(TRUE);
+       }
+    }
     if (grp->gr_mem != NULL) {
 	for (cur = grp->gr_mem; *cur; cur++) {
 	    if (strcmp(*cur, user) == 0)