SUSE-SU-2023:1699-1 -- SLES sudo| ID: oval:org.secpod.oval:def:89048534 | Date: (C)2023-04-11 (M)2024-02-26 |
| Class: PATCH | Family: unix |
This update for sudo fixes the following issue: Security fixes: * CVE-2023-28486: Fixed missing control characters escaping in log messages . * CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output . Other fixes: * Fix a situation where "sudo -U otheruser -l" would dereference a NULL pointer . * Do not re-enable the reader when flushing the buffers as part of pty_finish .
| Platform: |
| SUSE Linux Enterprise Server 15 SP2 |
| SUSE Linux Enterprise Server 15 SP1 |
