Upgrade sudo to 1.9.5p2 version due to CVE-2021–3156 vulnerability [duplicate]

upgrade sudo updates 20.04 vulnerability

This vulnerability was mitigated by the Ubuntu Security Team on 19 January 2021.

See https://ubuntu.com/security/CVE-2021-3156.

sudo 1.8.31 was patched, which is the normal way of handling most CVEs. The Ubuntu 20.04 package was bumped from 1.8.31-1ubuntu1.1 to 1.8.31-1ubuntu1.2 due to the patches. The 20.04 package won't be upgraded to 1.9.x.

Most users already have the patched version installed: Security updates are automatically detected and installed by your Ubuntu system's Unattended Upgrades application without any user action needed.

How to determine if you are using the patched package: Since this was a patch instead of a new upstream release, sudo --version will merely (and correctly) return 1.18.31 which won't help you. Instead, use apt. Here's an example using apt list. Note the NEW package version (1.8.31-1ubuntu1.2) is installed.

$ apt list sudo
Listing... Done
sudo/focal-updates,focal-security,now 1.8.31-1ubuntu1.2 amd64 [installed]

To check whether sudo is vulnerable to CVE-2021-3156 the maintainers recommend doing:

 sudoedit -s '\' `perl -e 'print "A" x 65536'`

If the sudo is patched it will respond with an error that starts with “usage:”.

Related

Network printer found but cannot print
Is it possible to use Ifconfig to switch an interface to DHCP and if not, what is the best way?
How do I install Groovy?
Ubuntu VLC subtitles blurry
How do I check the version of the Selenium API installed?
Cannot find -lgfortran
How to install .deb file in ubuntu using terminal? [duplicate]
Launch Sublime Text 2 from terminal [duplicate]
How can I open port 443?
What are the different arguments passed to tar command?
How to disable autostart of SSHD in Ubuntu 15.04
lsusb command not found