How to patch Sudo
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) made itself known over the past few days and admins everywhere are rushing to patch it. Ill skip the analysis, watch the video below for that, and get right to patching.
To verify your version:
1.8.31 is vulnerable.
Go to https://www.sudo.ws/sudo.html and download the latest relase tar.gz. As of right now, the latest is sudo 1.9.5p2
Once downloaded, de-compress with
tar -xzvf <filename>
cd into the created directory “sudo-1.9.5p2” in this case
make && sudo make install
Once this has completed you mush reload your shell in order to see the new version has been installed. you can type
Big thanks to John Hammond for this video on the process.