Mageia 2023-0133: sudo security update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
MGASA-2023-0133 - Updated sudo packages fix security vulnerability

Publication date: 11 Apr 2023
URL: https://advisories.mageia.org/MGASA-2023-0133.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-28486,
     CVE-2023-28487

Sudo before 1.9.13 does not escape control characters in log messages.
(CVE-2023-28486)
Sudo before 1.9.13 does not escape control characters in sudoreplay
output. (CVE-2023-28487)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31738
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014226.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28486
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28487

SRPMS:
- 8/core/sudo-1.9.5p2-2.3.mga8

Mageia 2023-0133: sudo security update

Sudo before 1.9.13 does not escape control characters in log messages

Summary

Sudo before 1.9.13 does not escape control characters in log messages. (CVE-2023-28486) Sudo before 1.9.13 does not escape control characters in sudoreplay output. (CVE-2023-28487)

References

- https://bugs.mageia.org/show_bug.cgi?id=31738

- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014226.html

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28486

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28487

Resolution

MGASA-2023-0133 - Updated sudo packages fix security vulnerability

SRPMS

- 8/core/sudo-1.9.5p2-2.3.mga8

Severity
Publication date: 11 Apr 2023
URL: https://advisories.mageia.org/MGASA-2023-0133.html
Type: security
CVE: CVE-2023-28486, CVE-2023-28487

Related News

The Secure Programmable Router Project Puts Your Network Back Under Your Control with a Raspberry Pi

Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit

The 3 Best Terminal-Based Web Browsers for Linux

The 6 Best Private Encrypted Chat Apps for Linux Users

News

Advisories

HOWTOs

Features

Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation
Best Practices for PHP Security
Why Cloud Linux Is Beneficial for E-Commerce Stores

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy