[ubuntu/jammy-security] sudo 1.9.9-1ubuntu2.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Apr 11 14:08:30 UTC 2023
sudo (1.9.9-1ubuntu2.4) jammy-security; urgency=medium
* SECURITY UPDATE: does not escape control characters
- debian/patches/CVE-2023-2848x-1.patch: escape control characters in
log messages and sudoreplay output in docs/sudoers.man.in,
docs/sudoers.mdoc.in, docs/sudoreplay.man.in,
docs/sudoreplay.mdoc.in, include/sudo_lbuf.h,
lib/eventlog/eventlog.c, lib/iolog/iolog_json.c, lib/util/lbuf.c,
lib/util/util.exp.in, plugins/sudoers/sudoreplay.c.
- debian/patches/CVE-2023-2848x-2.patch: fix regression in
lib/eventlog/eventlog.c.
- CVE-2023-28486
- CVE-2023-28487
Date: 2023-04-04 13:24:10.040311+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/sudo/1.9.9-1ubuntu2.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list