[ubuntu/lunar-proposed] sudo 1.9.11p3-1ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Jan 18 17:50:18 UTC 2023
sudo (1.9.11p3-1ubuntu3) lunar; urgency=medium
* SECURITY UPDATE: arbitrary file overwrite via sudoedit
- debian/patches/CVE-2023-22809.patch: do not permit editor arguments
to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c,
plugins/sudoers/visudo.c.
- CVE-2023-22809
Date: Wed, 18 Jan 2023 12:46:34 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/sudo/1.9.11p3-1ubuntu3
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Jan 2023 12:46:34 -0500
Source: sudo
Built-For-Profiles: noudeb
Architecture: source
Version: 1.9.11p3-1ubuntu3
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
sudo (1.9.11p3-1ubuntu3) lunar; urgency=medium
.
* SECURITY UPDATE: arbitrary file overwrite via sudoedit
- debian/patches/CVE-2023-22809.patch: do not permit editor arguments
to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c,
plugins/sudoers/visudo.c.
- CVE-2023-22809
Checksums-Sha1:
db2adac00a9caa3697b4d88831b848779b343455 2623 sudo_1.9.11p3-1ubuntu3.dsc
ee66a67f5ff38b033daf0738a3905acde6f8ec17 44072 sudo_1.9.11p3-1ubuntu3.debian.tar.xz
b9b1049e3e9502cca40a4f3a86f50b364a513f8b 7129 sudo_1.9.11p3-1ubuntu3_source.buildinfo
Checksums-Sha256:
3d346f9b07a12ac8d8f40650e869b6ff38604fe20528bf9ab5ec48ad1db054b3 2623 sudo_1.9.11p3-1ubuntu3.dsc
7d25e00bc1ee514bc5f2f7c1387864cfc110b63d25d4225db130caca3ae87907 44072 sudo_1.9.11p3-1ubuntu3.debian.tar.xz
8ebf595ed5a8703b43418f53e5f821f7c3ad5fc038c5bda9910f2fdfdc3b33ed 7129 sudo_1.9.11p3-1ubuntu3_source.buildinfo
Files:
c46b331a3283e5e687c1ced10dbbfc57 2623 admin optional sudo_1.9.11p3-1ubuntu3.dsc
2378a75d9a7f28bc41889f37628233c9 44072 admin optional sudo_1.9.11p3-1ubuntu3.debian.tar.xz
3345462b2067d1c46589de8162fb7223 7129 admin optional sudo_1.9.11p3-1ubuntu3_source.buildinfo
Original-Maintainer: Sudo Maintainers <sudo at packages.debian.org>
More information about the lunar-changes
mailing list