In RunCloud, your server security is our top priority.
We have released a security update to patch all servers from CVE-2021-3156 (Heap-Based Buffer Overflow in Sudo) vulnerability that allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo linux package in your servers has been patched to the latest version in Wednesday, 27 January 2021.
- Ubuntu 20.04 LTS (Focal Fossa) : sudo v1.8.31-1ubuntu1.2
- Ubuntu 18.04 LTS (Bionic Beaver): sudo v1.8.21p2-3ubuntu1.4
- Ubuntu 16.04 LTS (Xenial Xerus): sudo v1.8.16-0ubuntu1.10