"""
Two security issues were discovered in sudo-rs, a Rust-based implemention
of sudo (and su), which could result in the local disclosure of partially
typed passwords or an authentication bypass in some targetpw/rootpw
configurations.
For the stable distribution (trixie), this problem has been fixed in
version 0.2.5-5+deb13u1.
We recommend that you upgrade your rust-sudo-rs packages.
"""
Everything to do with reimplementing sudo, though.
But sudo has its share of CVEs as well (latest CVE-2025-32463), so perhaps a fresh look on the tool is warranted; perhaps some learnings have been taken from it.
portmanteaufu|3 months ago
""" Two security issues were discovered in sudo-rs, a Rust-based implemention of sudo (and su), which could result in the local disclosure of partially typed passwords or an authentication bypass in some targetpw/rootpw configurations.
For the stable distribution (trixie), this problem has been fixed in version 0.2.5-5+deb13u1.
We recommend that you upgrade your rust-sudo-rs packages. """
wiz21c|3 months ago
_flux|3 months ago
But sudo has its share of CVEs as well (latest CVE-2025-32463), so perhaps a fresh look on the tool is warranted; perhaps some learnings have been taken from it.
never_inline|3 months ago
egorfine|3 months ago
(Obligatory disclaimer: I love rust, I hate fanboys and rewrites)
unknown|3 months ago
[deleted]
unknown|3 months ago
[deleted]
_flux|3 months ago
thw_9a83c|3 months ago
[1]: https://security-tracker.debian.org/tracker/source-package/r...
m4rtink|3 months ago