Security issue in sudo

Security Jan 28, 2021

A security issue has been identified and fixed in the sudo utility. Updates are available for XCP-ng 8.1 and 8.2.

To update, follow this guide. You can also join the discussion on our community forum. Hosts reboot not necessary after this update, unless you had missed the previous Xen security update.


Though not used by default, the sudo utility is installed on XCP-ng hosts. An important security flaw was discovered that made it necessary to update it to a patched version.

Even if you haven't configured extra non-root users on your XCP-ng hosts, updating is important as part of a global security process: let's not leave an easy way for any malevolent process to get root powers.



Samuel Verschelde

XCP-ng release manager: pushes the big red "Release" button. Part developer, part packager, part QA, part manager. Open Source enthusiast since 2002.