--- /dev/null
+Submitted By: Archaic (archaic -aT- linuxfromscratch -DoT- org)
+Date: 2005-01-17
+Initial Package Version: 1.6.8p12
+Origin: Upstream CVS
+Upstream Status: In CVS
+Description: (CVE-2005-4158) Sudo before 1.6.8 p12, when the Perl taint flag is
+ off, does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment
+ variables, which allows limited local users to cause a Perl script
+ to include and execute arbitrary library files that have the same
+ name as library files that are included by the script.
+ Additionally, more variables beyond perl were added to the
+ blacklist and comments were added to the variables.
+
+diff -Naur sudo-1.6.8p12.orig/env.c sudo-1.6.8p12/env.c
+--- sudo-1.6.8p12.orig/env.c 2005-11-08 18:21:33.000000000 +0000
++++ sudo-1.6.8p12/env.c 2006-01-18 00:35:17.000000000 +0000
+@@ -118,18 +118,31 @@
+ "USR_ACE",
+ "DLC_ACE",
+ #endif /* HAVE_SECURID */
+- "TERMINFO",
+- "TERMINFO_DIRS",
+- "TERMPATH",
++ "TERMINFO", /* terminfo, exclusive path to terminfo files */
++ "TERMINFO_DIRS", /* terminfo, path(s) to terminfo files */
++ "TERMPATH", /* termcap, path(s) to termcap files */
+ "TERMCAP", /* XXX - only if it starts with '/' */
+- "ENV",
+- "BASH_ENV",
+- "PS4",
+- "SHELLOPTS",
+- "JAVA_TOOL_OPTIONS",
+- "PERLLIB",
+- "PERL5LIB",
+- "PERL5OPT",
++ "ENV", /* ksh, file to source before script runs */
++ "BASH_ENV", /* bash, file to source before script runs */
++ "PS4", /* bash, prefix for lines in xtrace mode */
++ "GLOBIGNORE", /* bash, globbing patterns to ignore */
++ "SHELLOPTS", /* bash, extra command line options */
++ "JAVA_TOOL_OPTIONS", /* java, extra command line options */
++ "PERLIO_DEBUG ", /* perl, debugging output file */
++ "PERLLIB", /* perl, search path for modules/includes */
++ "PERL5LIB", /* perl 5, search path for modules/includes */
++ "PERL5OPT", /* perl 5, extra command line options */
++ "PERL5DB", /* perl 5, command used to load debugger */
++ "FPATH", /* ksh, search path for functions */
++ "NULLCMD", /* zsh, command for null file redirection */
++ "READNULLCMD", /* zsh, command for null file redirection */
++ "ZDOTDIR", /* zsh, search path for dot files */
++ "TMPPREFIX", /* zsh, prefix for temporary files */
++ "PYTHONHOME", /* python, module search path */
++ "PYTHONPATH", /* python, search path */
++ "PYTHONINSPEC", /* python, allow inspection */
++ "RUBYLIB", /* ruby, library load path */
++ "RUBYOPT", /* ruby, extra command line options */
+ NULL
+ };
+