sudo before v1.9.5p2 has a Heap-based buffer overflow, allowing privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character.
I'm wondering if it is enough to run:
sudo apt update
on a Ubuntu server to fix CVE-2021-3156?
I've been doing some reading but I haven't found any concrete answer, I guess because it is a very recent issue.
Thanks you!
You need to update APT's package list and then install the upgrade:
sudo apt-get update
sudo apt-get --only-upgrade install sudo