[ubuntu/lunar-proposed] sudo 1.9.13p1-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Mar 1 14:50:16 UTC 2023 

sudo (1.9.13p1-1ubuntu2) lunar; urgency=medium

  * SECURITY UPDATE: double free with per-command chroot sudoers rules
    - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in
      MANIFEST, plugins/sudoers/match_command.c,
      plugins/sudoers/regress/fuzz/fuzz_sudoers.c,
      plugins/sudoers/regress/testsudoers/test20.out.ok,
      plugins/sudoers/regress/testsudoers/test20.sh,
      plugins/sudoers/testsudoers.c,
      plugins/sudoers/visudo.c.
    - CVE-2023-27320

Date: Wed, 01 Mar 2023 08:51:34 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/sudo/1.9.13p1-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 01 Mar 2023 08:51:34 -0500
Source: sudo
Built-For-Profiles: noudeb
Architecture: source
Version: 1.9.13p1-1ubuntu2
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 sudo (1.9.13p1-1ubuntu2) lunar; urgency=medium
 .
   * SECURITY UPDATE: double free with per-command chroot sudoers rules
     - debian/patches/CVE-2023-27320.patch: don't free user_cmnd twice in
       MANIFEST, plugins/sudoers/match_command.c,
       plugins/sudoers/regress/fuzz/fuzz_sudoers.c,
       plugins/sudoers/regress/testsudoers/test20.out.ok,
       plugins/sudoers/regress/testsudoers/test20.sh,
       plugins/sudoers/testsudoers.c,
       plugins/sudoers/visudo.c.
     - CVE-2023-27320
Checksums-Sha1:
 70a0ad294887401a6f491e7e26c63d72891d8211 2680 sudo_1.9.13p1-1ubuntu2.dsc
 a5b5056bb77d984686c37667fc8c8c9f88c602bd 50472 sudo_1.9.13p1-1ubuntu2.debian.tar.xz
 a147ece7a7c1a1a9471b801e3bf2d78b5c733e9c 7008 sudo_1.9.13p1-1ubuntu2_source.buildinfo
Checksums-Sha256:
 7475a34cca0ef49e5d979e64469c86490cdafcac5f32e79d4750d7060ec2ec2e 2680 sudo_1.9.13p1-1ubuntu2.dsc
 26e10202d70161c84c4de85ff2f37120b603473f440131dcad51851ccf458586 50472 sudo_1.9.13p1-1ubuntu2.debian.tar.xz
 43d21e98dee0378024564a878d9f46c2061473ecdeb4f7c39c181eea9514db7b 7008 sudo_1.9.13p1-1ubuntu2_source.buildinfo
Files:
 0bed41c10dde8514782bf0c1b6a40f5e 2680 admin optional sudo_1.9.13p1-1ubuntu2.dsc
 95b07e05b511659fd3c8b50a802f7abf 50472 admin optional sudo_1.9.13p1-1ubuntu2.debian.tar.xz
 72037dbac08487fbc583c5ae563a5bfd 7008 admin optional sudo_1.9.13p1-1ubuntu2_source.buildinfo
Original-Maintainer: Sudo Maintainers <sudo at packages.debian.org>

More information about the lunar-changes mailing list