Does Software Update patch the "sudo" and "dnsmasq" bugs?
Hello.
I run Software Update regularly but noticed that both "sudo" and "dnsmasq" have outdated version numbers.
$ sudo --version
Sudo version 1.8.31
Sudoers policy plugin version 1.8.31
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.31
That being said, it seems that the version running on my system does not exhibit the known vulnerability documented in https:/
I understand that Network Manager uses the "dnsmasq-base" package and when I run "dnsmasq --version" I see a version number that's vulnerable to the "dnspooq" vulnerability.
$ dnsmasq --version
Dnsmasq version 2.80 Copyright (c) 2000-2018 Simon Kelley
First of all, when will "sudo" be updated to 1.8.32 or 1.9.5p2? Second, why is it already secure even though it hasn't been updated? And third, is dnsmasq-base vulnerable or just the full version of dnsmasq? And finally, when will dnsmasq-base be updated?
Thanks.
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Manfred Hampl
- Solved:
- Last query:
- Last reply: