[El-errata] ELSA-2024-0811 Moderate: Oracle Linux 8 sudo security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Feb 16 16:28:40 UTC 2024
Oracle Linux Security Advisory ELSA-2024-0811
http://linux.oracle.com/errata/ELSA-2024-0811.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
sudo-1.9.5p2-1.el8_9.x86_64.rpm
aarch64:
sudo-1.9.5p2-1.el8_9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//sudo-1.9.5p2-1.el8_9.src.rpm
Related CVEs:
CVE-2023-28486
CVE-2023-28487
CVE-2023-42465
Description of changes:
RHEL 9.3.0.Z ERRATUM
[1.9.5p2-10]
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21834
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21828
- CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21821
RHEL 8.9.0.Z ERRATUM
[1.9.5p2-1]
- Rebase to 1.9.5p2
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21825
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21831
- CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21820
More information about the El-errata
mailing list