sudo-rs, the Rust implementation of sudo used in Ubuntu 25.10, has been patched to address two moderate security vulnerabilities (including CVE-2025-64170). The issues include potential password leakage during timeout or process termination, and improper handling of feedback parameters. Version 0.2.10 has been released with fixes, and Ubuntu is rolling out a stable release update to affected systems. This adds to ongoing challenges with Ubuntu's transition to Rust-based system utilities.
Sort: