Bug 13092

Summary:	[fix 21] sudo: CVE-2023-22809
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Mikhail Novosyolov <m.novosyolov>
Component:	Packages from Main	Assignee:	ROSA Linux Bugs <bugs>
Status:	VERIFIED FIXED	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	critical
Priority:	High	CC:	a.proklov, pastordidi, v.potapov
Version:	All	Flags:	v.potapov: qa_verified+ a.proklov: published+
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:
Platform:	2021.1	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Mikhail Novosyolov 2023-01-19 14:34:26 MSK

******* QA ADVISORY ********

sudo 1.9.8p2-2
Fixed CVE-2023-22809 (https://www.opennet.ru/opennews/art.shtml?num=58507)
Default configuration is not affected (see https://www.opennet.ru/openforum/vsluhforumID3/129528.html#1)

https://abf.io/build_lists/4310500
https://abf.io/build_lists/4310501
https://abf.io/build_lists/4310502
https://abf.io/build_lists/4310503
https://abf.io/build_lists/4310504

Comment 1 Dmitry Postnikov 2023-01-19 22:06:45 MSK

****************************
The update sent to testings

Comment 2 Vladimir Potapov 2023-01-26 07:56:03 MSK

sudo-1.9.8p2-2
https://abf.io/build_lists/4310500
https://abf.io/build_lists/4310501
https://abf.io/build_lists/4310502
https://abf.io/build_lists/4310503
https://abf.io/build_lists/4310504
*************************** Advisory **********************
Fixed CVE-2023-22809
***********************************************************
QA Verified