Sudo Vulnerability Discovered: How To Protect Your System From Baron Samedit

2 Likes

On this, Free is better too, as the corrections are patched and distributed faster than on closed source. I know the failure has passed upon on 10 years, but now almost all distros are patching those system

2 Likes

It’s a good thing to stumble upon that kind of article but as a rather newbie it’s always a disappointment to not find in the article any info on how you check the sudo version or update :unamused: I know it’s basic info and most of the audience here don’t need that. I kind of guess what I have to do but a 3 lines reminder wouldn’t hurt.
I found the infos elsewhere and the thing now is when I try to update terminal is telling me sudo is already the latest version (1.9.1-1ubuntu1.1) but in the article the recommended version is sudo-1.9.5p2 :thinking:
(Pop OS 20.10)

1 Like

I’m running a LinuxLite distro atm on a vm, and it seems that it’s patched. Did you run the latest updates for your distro? It should be fixed by now.
It’s unfortunate that it took about 10 years to get fixed, but better late then never i suppose.

I think it is telling you that because it is the latest version in your versions repository. I would hope that you will see an update very soon.

Oh. I saw the check ( sudoedit -s /) but hadn’t realised people used distributions without first learning how to update the system.

Anyway, having updated recently I passed that test over a week ago now anyway. If I hadn’t, and didn’t know how to, then I’d ask in the forum for my distribution…

1 Like

You raise a good point about mentioning how to check for current version. I will keep that in mind in future articles. Thank you for the feedback.

1 Like

Well that was a nice snarky reply :roll_eyes:
First thing I tried was sudo update but as nothing was updating I wondered how to check sudo version, which bring us to my reply here.

I could have gone to Pop os forum but I saw the article here and this forum is generally welcoming :grimacing:

You’re welcome, I know it’s not always easy to be complete or figure out what is not evident for others :+1:

You thought my reply was snarky?

No not you, not at all :sweat_smile: look at who I was replying in the upper right

That was intended to ben2talk. I tried to quote each time but apparently discourse removed automatically the quotes :man_shrugging: