Errata overview
Errata ID 165
Date 2015-05-07
Source package sudo
Fixed in version 1.8.5p2-1+nmu2.39.201504082056
Two vulnerabilities have been discovered in Sudo:
* env_delete ignored for environment variables specified
  on the command line when env_reset is disabled
* Arbitrary file access via user defined TZ environment variable
Additional notes This update fixes these vulnerabilities.
CVE ID CVE-2014-0106
UCS Bug number #37852