• SayCyberOnceMore@feddit.uk
    link
    fedilink
    English
    arrow-up
    10
    ·
    19 hours ago

    As far as mitigation is concerned, the only thing you need to do is to confirm that your system’s sudo version is at least version 1.9.17p1 or later, which can be done with the command sudo -V. If your version is older than 1.9.17p1, update immediately.

    • Alphane Moon@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      14 hours ago

      This wouldn’t apply to Debian derived distros (e.g. DietPi). I am assuming the fix will backported to the version of sudo shipping with bookworm.

      • SayCyberOnceMore@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        13 hours ago

        Why wouldn’t this apply?

        One day in the future the later version of sudo would become available…?

        • Alphane Moon@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          13 hours ago

          I am assuming the fix for the second vulnerability will be backported to the older version in bookworn; 13p1 if I remember correctly.

          I’ve seen theme backport security to older releases of much less important software.