Home / mailings [SECURITY] [DSA 6052-1] rust-sudo-rs security update
Posted on 11 November 2025
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6052-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 11, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : rust-sudo-rs
CVE ID : not yet available
Two security issues were discovered in sudo-rs, a Rust-based implemention
of sudo (and su), which could result in the local disclosure of partially
typed passwords or an authentication bypass in some targetpw/rootpw
configurations.
For the stable distribution (trixie), this problem has been fixed in
version 0.2.5-5+deb13u1.
We recommend that you upgrade your rust-sudo-rs packages.
For the detailed security status of rust-sudo-rs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rust-sudo-rs
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
