Mandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue.
76f1e9f408dc7026f1f3164f9ef04641a98c14ea1373b28efa65c1dd1fbaee09