Advisories ยป MGASA-2023-0133

Updated sudo packages fix security vulnerability

Publication date: 11 Apr 2023
Modification date: 11 Apr 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-28486 , CVE-2023-28487

Description

Sudo before 1.9.13 does not escape control characters in log messages.
(CVE-2023-28486)
Sudo before 1.9.13 does not escape control characters in sudoreplay
output. (CVE-2023-28487)
                

References

SRPMS

8/core