腾讯云警告地址:
https://cloud.tencent.com/announce/detail/1501
按照文档说明,需要升级到Sudo 1.9.5p2 或更新版本即可。所以先到官网sudo.ws下载最新包升级即可。
下拉找到rpm包
以下为快速修复方法,以centos操作系统为例,升级rpm包。
Centos6:
rpm -Uvh https://www.moneyslow.com/soft/CVE-2021-3156/sudo-1.9.5-3.el6.x86_64.rpm
Centos7:
rpm -Uvh https://www.moneyslow.com/soft/CVE-2021-3156/sudo-1.9.5-3.el7.x86_64.rpm
Centos8:
rpm -Uvh https://www.moneyslow.com/soft/CVE-2021-3156/sudo-1.9.5-3.el8.x86_64.rpm
例子:Centos7的升级命令:
# rpm -Uvh https://www.moneyslow.com/soft/CVE-2021-3156/sudo-1.9.5-3.el7.x86_64.rpm
Retrieving https://www.moneyslow.com/soft/CVE-2021-3156/sudo-1.9.5-3.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:sudo-1.9.5-3.el7 ################################# [ 50%]
Cleaning up / removing...
2:sudo-1.8.23-9.el7 ################################# [100%]
按照文档,出现以下错误,即修复。
$sudoedit -s /
usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout]
[-u user] file ...