10-year-old vulnerability in `sudo` was patched today (27.01.2021)

I know sudo is an Arch package, but we should push out the new version as soon as the Arch developer has applied the patch.

9 Likes

I had an update to sudo this morning on stable branch.

2 Likes

Same here…

Tsk, tsk…somebody didn’t check…

1 Like

Good morning - not everybody is sleeping the whole day :grin:

4 Likes

Yeah! Some of us only half the day!

1 Like

I don’t manually check for updates unless there’s an update announcement thread. Barring that, I normally wait until the update notifier icon starts flashing. :man_shrugging:


It was 09:50 in the morning here when I submitted the original post. I stumbled upon the link to the ZDNet article when I was perusing the PCLinuxOS forum. I am a member there ─ I still have an older PCLinuxOS installation on a laptop that I rarely ever use, but I’ve used PCLOS for several years before coming to Manjaro ─ and even though I do look at that forum every day, I don’t post there very often.

Someone there posted that link in a sardonic way, because although sudo is available from the PCLOS repositories, it is not installed by default, and Tex ─ the guy who founded PCLOS ─ disapproves of sudo. Most ─ not all but most ─ members of the PCLOS forum are senior citizens and quite conservative. For instance, they’re also quite opinionated on account of systemd, which PCLOS does not use, of course.

Anyway, I saw that link, read the article, and I did my due diligence by immediately bringing it to the Manjaro developers’ attention. It’s all I can do, and apart from being a moderator here at the Manjaro forum, I am also still an administrator at a non-computer-related forum, so I’m a busy man. :man_shrugging:

1 Like

Found by Qualys, write-up here:

From the article:

How can I test if I have vulnerable version?

To test if a system is vulnerable or not, login to the system as a non-root user.

Run command “sudoedit -s /”

If the system is vulnerable, it will respond with an error that starts with “sudoedit:”

If the system is patched, it will respond with an error that starts with “usage:”

vi must be installed for the test to work.

3 Likes
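
The check quoted from the article, wrapped as a small script (an added example, not part of any post in this thread or of the article). The function names and the `--run` switch are assumptions made for illustration, and the sample strings in the comments are constructed.

```shell
#!/bin/sh
# Added example: classifies the result of the "sudoedit -s /" test quoted above.
# Per the article: an error starting with "sudoedit:" means vulnerable,
# one starting with "usage:" means patched.

# classify_sudoedit_output TEXT -> prints vulnerable | patched | inconclusive
classify_sudoedit_output() {
    # Take the first line that starts with one of the two prefixes, so a
    # pasted shell prompt or a password prompt line ahead of it is ignored.
    line=$(printf '%s\n' "$1" |
        sed -n -e '/^usage:/{p;q;}' -e '/^sudoedit:/{p;q;}')
    case "$line" in
        usage:*)    echo patched ;;
        sudoedit:*) echo vulnerable ;;
        *)          echo inconclusive ;;   # e.g. only a password prompt was seen
    esac
}

# check_host: run the test on this machine and print the verdict.
check_host() {
    # The article says to run the test as a non-root user.
    if [ "$(id -u)" -eq 0 ]; then
        echo "inconclusive (run as a non-root user)"
        return 2
    fi
    if ! command -v sudoedit >/dev/null 2>&1; then
        echo "inconclusive (sudoedit not found)"
        return 2
    fi
    # The article also notes that vi must be installed for the test to work.
    # Both outcomes are error messages, so capture stderr and ignore the exit code.
    out=$(sudoedit -s / 2>&1 </dev/null) || true
    classify_sudoedit_output "$out"
}

# Hypothetical switch: only touch sudoedit when explicitly asked to.
if [ "${1:-}" = "--run" ]; then
    check_host
fi
```

An `inconclusive` result means neither prefix appeared in the output, so the installed package version should be checked instead.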

```
❯ sudoedit -s /
usage: sudoedit [-AknS] [-C num] [-D directory] [-g group] [-h host] [-p
prompt] [-R directory] [-T timeout] [-u user] file ...
```

Seems no action required - I think I updated some 12 hours ago (time here now 17:59). All this talk of morning gets me very confused.

1 Like

I got a tray notification that I have an update when I turned on my PC this morning, and that was it, apparently.

After running the update, all’s working fine.

But yes, I like to do this kind of thing manually, so it may very well be that no manual intervention is necessary for anyone else.

Myself, although I’m not ahead in time like yourself, so it’s less strange to me, but it still is a bit weird.

I received sudo and firefox updates on testing branch yesterday.

Thank you :slight_smile: