Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
macOS Big Sur 11.2.1 Fixes Root Access Sudo Bug
- Thread starter MacRumors
- Start date
- Sort by reaction score
I had one kernel panic when installing 11.2.1 on my MBP 16. Yes, it booted back to 11.2. Then I tried again and went thru fine, now on 11.2.1.
Thanks Apple for yet another reboot. Get it right the first time.
The CVE doesn't agree with you.
Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156 | CISA
us-cert.cisa.gov
Updating a Catalina MBP with this update. Downloaded quickly, but the update itself is taking a lot longer than you'd expect for simply an sudo patch. Must have other stuff in the Catalina update as well. OK, there go the fans on my MBP.
I am upgrading a new Macbook Pro M1, and the update seems to have hung. The progress bar has not moved for half an hour.
Mine has gone real slow...48 min...is now 11 min. I guess patience is a virtue that I don’t have
I was surprised how large this update was.
I have read of one other person having kp as well but, said member was in a different thread, if I am not mistaken.
I never got a timer, it just had the progress bar and it hung for 45 minutes. I force rebooted it, it rebooted a few times, now I got a progress bar and timer, with 10 minutes. My intel 16 had no problems. A little annoyed that we, once again, have update after an update.Mine has gone real slow...48 min...is now 11 min. I guess patience is a virtue that I don’t have
Did you see the article posted just a few minutes ago?Hoping & praying that a fix will come to allow my MBP to work off the battery....as soon as I updated to Big Sur...my battery says 1% contact service...now it only works when its plugged in....so much for portability
Apple Offering Free Battery Replacements for 2016-2017 MacBook Pros That Can't Charge Past 1%
Apple today released macOS Big Sur 11.2.1 to address an issue that may prevent the battery from charging in some 2016 and 2017 MacBook Pro models,...
www.macrumors.com
Should also be mentioned that it's an independent project, not code written by Apple or unique to macOS. sudo runs on all UNIX and Linux systems. Apple is famous for not updating very quickly to the latest versions of these third-party packages.
If you're referring to be able to execute `sudo` without requiring a password, you can.
Here's one set of instructions, and you can find many more articles online:
How to Run Sudo Command Without Entering a Password in Linux
In this article, we will explain how to configure a sudo command to run without entering a password every time in a Linux terminal.
Basically, this option exists because you've already authenticated yourself on the machine, so you can basically remove the additional password requirement when using `sudo`. It's stil secure based on that.
Note: I've only done this on Linux machines, never macOS, so not sure if macOS blocks this option?
.
Oh thanks, but here they say the version is vulnerable but not patched. Not a trustable source?The CVE doesn't agree with you.
Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156 | CISA
Sudo.ws
12.2 came out about two days, after everyone else had fixed the problem. If it isn't already exploited (zero day), a problem is only made public after everyone had a chance to fix it. Apple missed this chance. It would have been much better to postpone 12.2 by one or two days and include the fix.
will be probably included in the next beta, but you can install it manually by downloading the pkg from https://github.com/sudo-project/sudo/releases/download/SUDO_1_9_5p2/sudo-1.9.5p2.mac1100.pkg
Worked for me.
This will not solve the problem because it won't replace the vulnerable version of sudo– it will leave the old one in /usr/bin and put a new copy in /usr/local/bin. Anyone running /usr/bin/sudo will run the old vulnerable version.
<shrug> Interesting that different advisories say different things. You can leave the snark aside, I'd hope that sudo's own homepage would correctly detail which versions had the bug.
Installing the PAM isn’t that hard; having to re-add it after each update is slightly annoying, though.
Anyone notice less disk space after this update? Usually after a day or two my system cleans out the update files and "other", however this update used about 3GB of space on my drive. Upgrading from 11.0.1 to 11.1 and 11.1 to 11.2 resulted in very little additional disk space taken.