- cross-posted to:
- linux@programming.dev
- cross-posted to:
- linux@programming.dev
As far as mitigation is concerned, the only thing you need to do is to confirm that your system’s sudo version is at least version 1.9.17p1 or later, which can be done with the command sudo -V. If your version is older than 1.9.17p1, update immediately.
This wouldn’t apply to Debian derived distros (e.g. DietPi). I am assuming the fix will backported to the version of sudo shipping with bookworm.
Why wouldn’t this apply?
One day in the future the later version of sudo would become available…?
I am assuming the fix for the second vulnerability will be backported to the older version in bookworn; 13p1 if I remember correctly.
I’ve seen theme backport security to older releases of much less important software.
Already patched and available via updates.
doas
I keep seeing people promote doas, but is it really any more secure than sudo? besides just having less eyes on it?
Subscribing to this question.
sudo-rs
Is it better than doas?
deleted by creator