Ozgur Altinter (DHL TR):
> Hello All,
> We got some update from Redhat according to Sudo . (CVE-2019-14287)
> https://access.redhat.com/security/cve/cve-2019-14287
> But when we checked from Debian Library we found out below link regarding to 
> some Sudo update .
> https://security-tracker.debian.org/tracker/CVE-2019-14287
> My first questions is this same vulnerability patch  ? When I checked  Only 
> showing deb9u1 ,deb8u6 ,deb10u1.  My system details are as follow. could you 
> pls which one I can choice for my system ?
> -----------------------------------------------------------
> Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u1 (2017-02-22) x86_64 
> GNU/Linux
> jessie InRelease
> Sudo version 1.8.10p3
> Sudoers policy plugin version 1.8.10p3
> Sudoers file grammar version 43
> Sudoers I/O plugin version 1.8.10p3
> debian_version  8.7
> ---------------------------------------------------------------

Since your system is running Debian 8 (Jessie), the version of sudo with the fix
is deb8u6 -- note that the Debian version is embedded in these update versions:

deb8u6  is the security update for Debian 8 (Jessie)
deb9u1  is the security update for Debian 9 (Stretch)
deb10u1 is the security update for Debian 10 (Buster)

> Below link  has many updates. I am confusing which one I can choice ?
> https://www.sudo.ws/dist/packages/Debian/8/

It appears these particular updates don't come from Debian; I think the one you
want is this one from security.debian.org:


  -- Chris

Chris Knadle

Reply via email to