Errata overview
Errata ID 327
Date 2015-05-07
Source package sudo
Fixed in version 1.7.4p4-2.squeeze.5.38.201504082027
Two vulnerabilities have been discovered in Sudo:
* env_delete ignored for environment variables specified
  on the command line when env_reset is disabled
* Arbitrary file access via user defined TZ environment variable
Additional notes This update fixes these vulnerabilities.
CVE ID CVE-2014-0106
UCS Bug number #37853