Amazon Linux 2023 Security Advisory: ALAS-2023-133
Advisory Release Date: 2023-03-11 01:11 Pacific
Advisory Updated Date: 2023-03-14 17:27 Pacific
Severity:
Important
Issue Overview:
Sudo before 1.9.13p2 has a double free in the per-command chroot feature. (CVE-2023-27320)
Affected Packages:
sudo
Issue Correction:
Run dnf update sudo --releasever=2023.0.20230315 to update your system.
New Packages:
aarch64:
sudo-devel-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-python-plugin-debuginfo-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-debuginfo-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-logsrvd-debuginfo-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-logsrvd-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-debugsource-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-1.9.12-1.p2.amzn2023.0.3.aarch64
sudo-python-plugin-1.9.12-1.p2.amzn2023.0.3.aarch64
src:
sudo-1.9.12-1.p2.amzn2023.0.3.src
x86_64:
sudo-logsrvd-debuginfo-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-debuginfo-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-devel-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-python-plugin-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-python-plugin-debuginfo-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-logsrvd-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-debugsource-1.9.12-1.p2.amzn2023.0.3.x86_64
sudo-1.9.12-1.p2.amzn2023.0.3.x86_64