Important: sudo

Issue Overview: In sudo-1.8.23-10.amzn2.3.6 Amazon Linux 2 and sudo-1.8.23-10.58.amzn1 Amazon Linux 1, a user with an entry in the sudoers file, enabling them to run commands as another unprivileged user, can leverage it to run commands as root. No prior versions are affected. This issue has been...

Important: sudo

Issue Overview: In sudo-1.8.23-10.amzn2.3.6 Amazon Linux 2 and sudo-1.8.23-10.58.amzn1 Amazon Linux 1, a user with an entry in the sudoers file, enabling them to run commands as another unprivileged user, can leverage it to run commands as root. No prior versions are affected. This issue has been...

CLSA-2024-1708426650 sudo: Fix of CVE-2023-42465

CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...

Medium: sudo

Issue Overview: Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28487 Affected Packages: sudo Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...

SUSE-SU-2023:1665-1 Security update for sudo

This update for sudo fixes the following issue: Security issues: - CVE-2023-28486: Fixed sudo does not escape control characters in log messages. bsc1209362 - CVE-2023-28487: Fixed sudo does not escape control characters in sudoreplay output. bsc1209361 - CVE-2023-27320: Fixed a potential securit...

sudo security update

1.8.6p3-29.0.4.el610.3 - Fixed Privilege escalation CVE-2023-22809 for sudoedit Orabug: 35037922...

OESA-2022-1904 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: Protobuf-c v1.4.0 was discovered to contain an invalid...

sudo bug fix and enhancement update

An update is available for sudo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators to...

sudo security and bug fix update

1.8.29-7 - RHEL 8.4 ERRATUM - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz1917038 - updated upstream url...

sudo security update

1.8.23-10.1 - RHEL 7.9.Z ERRATUM - CVE-2021-3156 Resolves: rhbz1917729...

DSA-4839-1 sudo - security update

Bulletin has no description...

Arbitrary Code Execution

sudo is vulnerable to arbitrary code execution. The RHBA-2010:0212 sudo update released as part of Red Hat Enterprise Linux 5.5 added the ability to change the value of the ignoredot option in the "/etc/sudoers" configuration file. This ability introduced a regression in the upstream fix for...

[SECURITY] Fedora 32 Update: sudo-1.9.0-0.1.b1.fc32

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

Fedora 31 : sudo (2020-8b563bc5f4)

update to latest development version 1.9.0b1 - added sudologsrvd and sudosendlog to files and their appropriate man pages Resolves: rhbz1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file...

sudo security update

1.8.23-4.0.2.2 - Bump release to avoid conflict with previous Orace Linux errata 1.8.23-4.2 - RHEL 7.7.z - fixed CVE-2019-18634 Resolves: rhbz1798094 1.8.23-4.1 - RHEL-7.7.z - fixed CVE-2019-14287 Resolves: rhbz1760694...

CentOS 6 / 7 : sudo (CESA-2016:2872)

An update for sudo is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

[SECURITY] Fedora 23 Update: sudo-1.8.18p1-1.fc23

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

[SECURITY] [DSA 3167-1] sudo security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3167-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 22, 2015 http://www.debian.org/security/faq -...

Fedora 17 : sudo-1.8.6p7-1.fc17 (2013-3270)

update to 1.8.6p7 - fixes CVE-2013-1775 and CVE-2013-1776 - fixed several packaging issues thanks to ville.skytta at iki.fi - build with system zlib. - let rpmbuild strip libexecdir/.so. - own the %%docdir/sudo- dir. - fix some rpmlint warnings spaces vs tabs, unescaped macros. - fix bogus...

Fedora 18 : sudo-1.8.6p7-1.fc18 (2013-3297)

update to 1.8.6p7 - fixes CVE-2013-1775 and CVE-2013-1776 - fixed several packaging issues thanks to ville.skytta at iki.fi - build with system zlib. - let rpmbuild strip libexecdir/.so. - own the %%docdir/sudo- dir. - fix some rpmlint warnings spaces vs tabs, unescaped macros. - fix bogus...