diff --git a/CHANGELOG.md b/CHANGELOG.md
index 121090d..280fb6f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.9.5] - 2022-09-25
+### Security
+- Ensure `sudo` binary used for permission checks isn't one supplied by the user in the `PATH` variable.
+
 ## [0.9.4] - 2022-09-25
 ### Fixed
 - Ensure cache directories exist before they're used.
diff --git a/Cargo.lock b/Cargo.lock
index edc7f21..8a24ba7 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -863,7 +863,7 @@ dependencies = [
 
 [[package]]
 name = "mist"
-version = "0.9.4"
+version = "0.9.5"
 dependencies = [
  "bat",
  "chrono",
diff --git a/Cargo.toml b/Cargo.toml
index 2ddba98..a223fa8 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "mist"
-version = "0.9.4"
+version = "0.9.5"
 authors = ["Hunter Wittenborn <hunter@hunterwittenborn.com"]
 description = "The official command-line interface for the makedeb Package Repository"
 edition = "2021"
diff --git a/makedeb/PKGBUILD b/makedeb/PKGBUILD
index 1963adc..ff22ef2 100644
--- a/makedeb/PKGBUILD
+++ b/makedeb/PKGBUILD
@@ -4,7 +4,7 @@
 # `-H 'MPR-Package: yes'` to your `makedeb` call if you want Mist to be able to
 # automatically update itself.
 pkgname=mist
-pkgver=0.9.4
+pkgver=0.9.5
 pkgrel=1
 pkgdesc='The official command-line interface for the makedeb Package Repository'
 arch=('any')
diff --git a/src/util.rs b/src/util.rs
index 324f5a8..1cc95ad 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -335,7 +335,7 @@ pub mod sudo {
     pub fn check_perms() {
         super::message::info("Obtaining root permissions...\n");
 
-        let mut cmd = self::run_as_normal_user("sudo");
+        let mut cmd = self::run_as_normal_user("/usr/bin/sudo");
         cmd.arg("true");
 
         if !cmd.spawn().unwrap().wait().unwrap().success() {
@@ -351,7 +351,7 @@ pub mod sudo {
 
     // Run a command as the normal user declared by [`NORMAL_UID`].
     pub fn run_as_normal_user<P: AsRef<super::OsStr>>(program: P) -> super::ProcCommand {
-        let mut cmd = super::ProcCommand::new("sudo");
+        let mut cmd = super::ProcCommand::new("/usr/bin/sudo");
         cmd.args(["-E", "-n"]);
         cmd.arg(format!("-u#{}", *self::NORMAL_UID));
         cmd.arg("--");