Recently I've doing some security reviews in my environment and I saw that skyline servers are using sudo 1.8.30, even after the last update on Feb 9th, Skyline still using a vulnerable sudo version.
Current version: Sudoers I/O plugin version 1.8.30
I did some tests trying to manually upgrade sudo using the following KB, but it is reporting libc.so.6(GLIBC_2.27) (64bits), and forcing the upgrade with --nodeps, but it crashed sudo.
After rollback the package installation, it is working fine, but I would like to know if someone has a solution to proceed upgrading sudo for the Skyline servers.
Welcome to Skyline Communities!
We're currently investigating this issue to understand if this Vulnerability is affecting the Skyline Collector.
In the meantime, we would request you to share the Collector and Account details using the below Smartsheet Form.
CustomerVMware Skyline Community - Smartsheet.com
I see that you've raised a Service Request for this issue. We'll continue this on the SR and I'll close the loop on this thread once the issue is resolved.