Check out #ThisWeekInLinux with @MichaelTunnell as he covers the Sudo Bug, AKA #BaronSamedit, TailsOS, the new version of FireFox and so much more! Its my favorite place to catch my #linux #gnews !

Does anyone know which version of sudo on #Debian 9 fixes the #baronsamedit vulnerability?

I just know that for Debian 10 it's sudo 1.8.27-1+deb10u3... for Ubuntu there is this comprehensive page, but for Debian? https://ubuntu.com/security/notices/USN-4705-1

10-years-old #Sudo bug lets #Linux users gain root-level access. The #vulnerability, named #baronsamedit impacts most #Linux #distributions today.
https://www.zdnet.com/article/10-years-old-sudo-bug-lets-linux-users-gain-root-level-access/#ftag=RSSbaffb68
#security #vulnerabilities

RT @Jogenfors@twitter.com

$ sudo make me a sandwich

> You are not in the sudoers file. This incident will be reported

$ sudoedit -s '\' `perl -e 'print "A" x 65536'` make me a sandwich

> (core dumped)
> Okay

https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

#sudo #baronsamedit #linux #security

🐦🔗: https://twitter.com/Jogenfors/status/1354151579058888712