CVE-2021-3156

[mikemoate]

RancherOS Version: (ros os version)
1.5.7
Where are you running RancherOS? (docker-machine, AWS, GCE, baremetal, etc.)
AWS

There is a new vulnerability in sudo that impacts Rancher OS.

• https://nvd.nist.gov/vuln/detail/CVE-2021-3156
• https://www.sudo.ws/alerts/unescape_overflow.html

@dweomer @niusmallnan @Jason-ZW will Rancher OS be updated to fix this security issue, or is it truly now EoL?

[olljanat]

@mikemoate I just wonder that how you think that this one would be issue on RancherOS? Documentation quite clearly says that it is not supported to add users ( https://rancher.com/docs/os/v1.x/en/configuration/users/ ) and rancher user have anyway sudo rights.