OESA-2023-1205

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1205
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1205.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1205
Upstream
Published
2023-04-11T11:05:07Z
Modified
2025-08-12T05:19:21.618285Z
Summary
sudo security update
Details

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done.

Security Fix(es):

Sudo before 1.9.13 does not escape control characters in sudoreplay output.(CVE-2023-28487)

Sudo before 1.9.13 does not escape control characters in log messages.(CVE-2023-28486)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / sudo

Package

Name
sudo
Purl
pkg:rpm/openEuler/sudo&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.2-11.oe1

Ecosystem specific 

{
    "aarch64": [
        "sudo-debugsource-1.9.2-11.oe1.aarch64.rpm",
        "sudo-debuginfo-1.9.2-11.oe1.aarch64.rpm",
        "sudo-1.9.2-11.oe1.aarch64.rpm",
        "sudo-devel-1.9.2-11.oe1.aarch64.rpm"
    ],
    "src": [
        "sudo-1.9.2-11.oe1.src.rpm"
    ],
    "x86_64": [
        "sudo-devel-1.9.2-11.oe1.x86_64.rpm",
        "sudo-1.9.2-11.oe1.x86_64.rpm",
        "sudo-debuginfo-1.9.2-11.oe1.x86_64.rpm",
        "sudo-debugsource-1.9.2-11.oe1.x86_64.rpm"
    ],
    "noarch": [
        "sudo-help-1.9.2-11.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / sudo

Package

Name
sudo
Purl
pkg:rpm/openEuler/sudo&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.2-11.oe1

Ecosystem specific 

{
    "aarch64": [
        "sudo-debugsource-1.9.2-11.oe1.aarch64.rpm",
        "sudo-debuginfo-1.9.2-11.oe1.aarch64.rpm",
        "sudo-1.9.2-11.oe1.aarch64.rpm",
        "sudo-devel-1.9.2-11.oe1.aarch64.rpm"
    ],
    "src": [
        "sudo-1.9.2-11.oe1.src.rpm"
    ],
    "x86_64": [
        "sudo-devel-1.9.2-11.oe1.x86_64.rpm",
        "sudo-1.9.2-11.oe1.x86_64.rpm",
        "sudo-debugsource-1.9.2-11.oe1.x86_64.rpm",
        "sudo-debuginfo-1.9.2-11.oe1.x86_64.rpm"
    ],
    "noarch": [
        "sudo-help-1.9.2-11.oe1.noarch.rpm"
    ]
}

openEuler:22.03-LTS / sudo

Package

Name
sudo
Purl
pkg:rpm/openEuler/sudo&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.8p2-11.oe2203sp1

Ecosystem specific 

{
    "aarch64": [
        "sudo-debuginfo-1.9.8p2-11.oe2203.aarch64.rpm",
        "sudo-devel-1.9.8p2-11.oe2203.aarch64.rpm",
        "sudo-1.9.8p2-11.oe2203.aarch64.rpm",
        "sudo-debugsource-1.9.8p2-11.oe2203.aarch64.rpm",
        "sudo-debugsource-1.9.8p2-11.oe2203sp1.aarch64.rpm",
        "sudo-debuginfo-1.9.8p2-11.oe2203sp1.aarch64.rpm",
        "sudo-devel-1.9.8p2-11.oe2203sp1.aarch64.rpm",
        "sudo-1.9.8p2-11.oe2203sp1.aarch64.rpm"
    ],
    "src": [
        "sudo-1.9.8p2-11.oe2203.src.rpm",
        "sudo-1.9.8p2-11.oe2203sp1.src.rpm"
    ],
    "x86_64": [
        "sudo-debuginfo-1.9.8p2-11.oe2203.x86_64.rpm",
        "sudo-1.9.8p2-11.oe2203.x86_64.rpm",
        "sudo-devel-1.9.8p2-11.oe2203.x86_64.rpm",
        "sudo-debugsource-1.9.8p2-11.oe2203.x86_64.rpm",
        "sudo-debuginfo-1.9.8p2-11.oe2203sp1.x86_64.rpm",
        "sudo-1.9.8p2-11.oe2203sp1.x86_64.rpm",
        "sudo-debugsource-1.9.8p2-11.oe2203sp1.x86_64.rpm",
        "sudo-devel-1.9.8p2-11.oe2203sp1.x86_64.rpm"
    ],
    "noarch": [
        "sudo-help-1.9.8p2-11.oe2203.noarch.rpm",
        "sudo-help-1.9.8p2-11.oe2203sp1.noarch.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / sudo

Package

Name
sudo
Purl
pkg:rpm/openEuler/sudo&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.8p2-11.oe2203sp1

Ecosystem specific 

{
    "aarch64": [
        "sudo-debugsource-1.9.8p2-11.oe2203sp1.aarch64.rpm",
        "sudo-debuginfo-1.9.8p2-11.oe2203sp1.aarch64.rpm",
        "sudo-devel-1.9.8p2-11.oe2203sp1.aarch64.rpm",
        "sudo-1.9.8p2-11.oe2203sp1.aarch64.rpm"
    ],
    "src": [
        "sudo-1.9.8p2-11.oe2203sp1.src.rpm"
    ],
    "x86_64": [
        "sudo-debuginfo-1.9.8p2-11.oe2203sp1.x86_64.rpm",
        "sudo-1.9.8p2-11.oe2203sp1.x86_64.rpm",
        "sudo-debugsource-1.9.8p2-11.oe2203sp1.x86_64.rpm",
        "sudo-devel-1.9.8p2-11.oe2203sp1.x86_64.rpm"
    ],
    "noarch": [
        "sudo-help-1.9.8p2-11.oe2203sp1.noarch.rpm"
    ]
}