Package: sudo Version: 1.9.5-1 Severity: important Tags: upstream This is fixed in 1.9.5p1:
* Fixed a regression introduced in sudo 1.9.5 where the editor run by sudoedit was set-user-ID root unless SELinux RBAC was in use. The editor is now run with the user's real and effective user-IDs. -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.9.0-5-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages sudo depends on: ii libaudit1 1:3.0-2 ii libc6 2.31-9 ii libpam-modules 1.4.0-2 ii libpam0g 1.4.0-2 ii libselinux1 3.1-2+b2 ii lsb-base 11.1.0 ii zlib1g 1:1.2.11.dfsg-2