This update for sudo fixes the following issue: Security issues: * CVE-2023-28486: Fixed sudo does not escape control characters in log messages. * CVE-2023-28487: Fixed sudo does not escape control characters in sudoreplay output. * CVE-2023-27320: Fixed a potential security issue with a double free with per-command chroot sudoers rules . Bug fixes: * Fix a situation where "sudo -U otheruser -l" would dereference a NULL pointer * If NOPASSWD is specified, don"t ask for password if command is not found . * Do not re-enable the reader when flushing the buffers as part of pty_finish .