AIX

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks

Hi Enis Demir,
Yes CVE-2023-27320  is fixed in  sudo-1.9.13p2, which is not available on AIX tool box now.  We are building sudo-1.9.13p2, Will update you soon.

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks

Hi Sangeetha Bandi,

Thank you very much for your reply.I'm looking forward to the update

Thanks

Hi Enis Demir,
Yes CVE-2023-27320  is fixed in  sudo-1.9.13p2, which is not available on AIX tool box now.  We are building sudo-1.9.13p2, Will update you soon.

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks

Hi  Enis Demir,

sudo-1.9.13p2 is uploaded to Aix Tool Box. 
@ 
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_ids
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_noldap

------------------------------
Sangeetha Bandi

Original Message:
Sent: Wed March 08, 2023 01:03 AM
From: Enis Demir
Subject: AIX 7.2.5.3 SUDO-CVE-2023-27320 vulnerability

Hi Sangeetha Bandi,

Thank you very much for your reply.I'm looking forward to the update

Thanks

Hi Enis Demir,
Yes CVE-2023-27320  is fixed in  sudo-1.9.13p2, which is not available on AIX tool box now.  We are building sudo-1.9.13p2, Will update you soon.

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks

Hello,

Aix Tool Box is the official way for sudo distribution?
If i remember correctly there was normal .bff package patch distribution same like for java or openssh (MRS).

Does it still exists?

Hi  Enis Demir,

sudo-1.9.13p2 is uploaded to Aix Tool Box. 
@ 
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_ids
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_noldap

------------------------------
Sangeetha Bandi

Original Message:
Sent: Wed March 08, 2023 01:03 AM
From: Enis Demir
Subject: AIX 7.2.5.3 SUDO-CVE-2023-27320 vulnerability

Hi Sangeetha Bandi,

Thank you very much for your reply.I'm looking forward to the update

Thanks

Hi Enis Demir,
Yes CVE-2023-27320  is fixed in  sudo-1.9.13p2, which is not available on AIX tool box now.  We are building sudo-1.9.13p2, Will update you soon.

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks

Ivan,

AIX Toolbox is the "official" way for IBM's sudo distribution. If you need sudo BFF package for some reasons, you can download it from the sudo website or build your own. But don't expect any form of support from IBM for 3rd party software.

Hello,

Aix Tool Box is the official way for sudo distribution?
If i remember correctly there was normal .bff package patch distribution same like for java or openssh (MRS).

Does it still exists?

Hi  Enis Demir,

sudo-1.9.13p2 is uploaded to Aix Tool Box. 
@ 
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_ids
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_noldap

------------------------------
Sangeetha Bandi

Original Message:
Sent: Wed March 08, 2023 01:03 AM
From: Enis Demir
Subject: AIX 7.2.5.3 SUDO-CVE-2023-27320 vulnerability

Hi Sangeetha Bandi,

Thank you very much for your reply.I'm looking forward to the update

Thanks

Hi Enis Demir,
Yes CVE-2023-27320  is fixed in  sudo-1.9.13p2, which is not available on AIX tool box now.  We are building sudo-1.9.13p2, Will update you soon.

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks

Thank You Andrew,

I thought aix toolbox did not had IBM support.

Ivan,

AIX Toolbox is the "official" way for IBM's sudo distribution. If you need sudo BFF package for some reasons, you can download it from the sudo website or build your own. But don't expect any form of support from IBM for 3rd party software.

Hello,

Aix Tool Box is the official way for sudo distribution?
If i remember correctly there was normal .bff package patch distribution same like for java or openssh (MRS).

Does it still exists?

Hi  Enis Demir,

sudo-1.9.13p2 is uploaded to Aix Tool Box. 
@ 
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_ids
https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SRPMS/sudo_noldap

------------------------------
Sangeetha Bandi

Original Message:
Sent: Wed March 08, 2023 01:03 AM
From: Enis Demir
Subject: AIX 7.2.5.3 SUDO-CVE-2023-27320 vulnerability

Hi Sangeetha Bandi,

Thank you very much for your reply.I'm looking forward to the update

Thanks

Hi Enis Demir,
Yes CVE-2023-27320  is fixed in  sudo-1.9.13p2, which is not available on AIX tool box now.  We are building sudo-1.9.13p2, Will update you soon.

Hello 

A security vulnerability has been identified with the CVE-2023-27320 code, which causes the system to crash and can be used to gain unauthorized access to the vulnerable system.

https://www.openwall.com/lists/oss-security/2023/02/28/1

https://www.sudo.ws/releases/stable/#1.9.13p2

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27320

I learned that the vulnerability was fixed with the sudo-1.9.13p2 package. where can i download this package

AIX OS = 7200-05-03-2148

Thanks