Debian 10261 Published by

A sudo security update has been released for Debian GNU/Linux 9 Extended LTS to address an information disclosure vulnerability.



ELA-728-1 sudo security update

Package : sudo
Version : 1.8.19p1-2.1+deb9u4 (stretch)

Related CVEs :
CVE-2021-23239

It was discovered that there was a information disclosure vulnerability in sudo, a tool used to provide limited superuser privileges to specific users. A local unprivileged user may have been able to perform arbitrary directory-existence tests by exploiting a race condition in sudoedit.

  ELA-728-1 sudo security update