Publishing details
Changelog
sudo (1.9.11p3-1ubuntu1.3) kinetic-security; urgency=medium
* SECURITY UPDATE: does not escape control characters
- debian/patches/CVE-2023-2848x-1.patch: escape control characters in
log messages and sudoreplay output in docs/sudoers.man.in,
docs/sudoers.mdoc.in, docs/sudoreplay.man.in,
docs/sudoreplay.mdoc.in, include/sudo_lbuf.h,
lib/eventlog/eventlog.c, lib/iolog/iolog_json.c, lib/util/lbuf.c,
lib/util/util.exp.in, plugins/sudoers/sudoreplay.c.
- debian/patches/CVE-2023-2848x-2.patch: fix regression in
lib/eventlog/eventlog.c.
- CVE-2023-28486
- CVE-2023-28487
-- Marc Deslauriers <email address hidden> Mon, 03 Apr 2023 13:57:25 -0400
Builds
Package files