Ubuntu Security Notice 905-1 – It was discovered that sudo did not properly validate the path for the ‘sudoedit’ pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation of Ubuntu. It was discovered that sudo did not reset group permissions when the ‘runas_default’ configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/86745/USN-905-1.txt
Source: https://packetstormsecurity.com/files/86745/Ubuntu-Security-Notice-905-1.html