Univention Bugzilla – Bug 55586
sudo: Multiple issues (5.0)
Last modified: 2023-01-25 12:47:56 CET
New Debian sudo 1.8.27-1+deb10u5 fixes: This update addresses the following issue: * arbitrary file write with privileges of the RunAs user (CVE-2023-22809)
--- mirror/ftp/pool/main/s/sudo/sudo_1.8.27-1+deb10u4.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/sudo_1.8.27-1+deb10u5.dsc @@ -1,3 +1,9 @@ +1.8.27-1+deb10u5 [Mon, 16 Jan 2023 21:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2023-22809 + sudoedit: do not permit editor arguments to include "--" + 1.8.27-1+deb10u4 [Mon, 07 Nov 2022 11:58:17 +0000] Chris Lamb <lamby@debian.org>: * Non-maintainer upload by the Debian LTS team. <http://piuparts.knut.univention.de/5.0-2/#2188147075365990539>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] 19a97b3cca Bug #55586: sudo 1.8.27-1+deb10u5 doc/errata/staging/sudo.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x550>