Page 1 of 1
Sudo Bug
Posted: 26 Jan 2022, 03:00
by Purecade
Hello,
sudo bug, This bug is based on the vulnerability of the normal Raspberry Pi linux system. The main concern is security, because this bug can affect the tampering program, I would like to know if the Raspberry Pi of KUNBUS has already fixed this bug.
Cade
Re: Sudo Bug
Posted: 26 Jan 2022, 08:52
by nicolaiB
Hi Cade,
are you talking about CVE-2021-3156? This went viral around one year ago.
Our products use an operations system which is based on the official raspberry pi os / debian. Therefore security fixes for upstream packages like this are handled through the offical security repositories. If you want to make sure, that you're running a fixed version you can have a look at this page:
https://security-tracker.debian.org/tra ... -2021-3156
The latest version in our current buster image is 1.8.27-1+deb10u3. You can check your system with the following command (version is in the second column): dpkg -l | grep sudo
Nicolai
Re: Sudo Bug
Posted: 27 Jan 2022, 09:03
by Purecade
nicolaiB wrote: ↑26 Jan 2022, 08:52
Hi Cade,
are you talking about CVE-2021-3156? This went viral around one year ago.
Our products use an operations system which is based on the official raspberry pi os / debian. Therefore security fixes for upstream packages like this are handled through the offical security repositories. If you want to make sure, that you're running a fixed version you can have a look at this page:
https://security-tracker.debian.org/tra ... -2021-3156
The latest version in our current buster image is 1.8.27-1+deb10u3. You can check your system with the following command (version is in the second column): dpkg -l | grep sudo
Nicolai
Hello Nicolai,
Yeah,it's CVE-2021-3156.Thank you for the answer, I already know the answer。
Cade