[ubuntu/jammy-security] sudo 1.9.9-1ubuntu2.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jan 18 17:38:45 UTC 2023
sudo (1.9.9-1ubuntu2.2) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary file overwrite via sudoedit
- debian/patches/CVE-2023-22809.patch: do not permit editor arguments
to include -- in plugins/sudoers/editor.c, plugins/sudoers/sudoers.c,
plugins/sudoers/visudo.c.
- CVE-2023-22809
* SECURITY UPDATE: DoS via invalid arithmetic shift in Protobuf-c
- debian/patches/CVE-2022-33070.patch: only shift unsigned values in
lib/protobuf-c/protobuf-c.c.
- CVE-2022-33070
Date: 2023-01-16 13:35:08.805841+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/sudo/1.9.9-1ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list