Stay Connected:

ELSA-2016-2593

ELSA-2016-2593 - sudo security, bug fix, and enhancement update

Type:SECURITY
Severity:LOW
Release Date:2016-11-09

Description


[1.8.6p7-20]
- RHEL 7.3 erratum
- fixed visudo's -q flag
Resolves: rhbz#1350828

[1.8.6p7-19]
- RHEL 7.3 erratum
- removed INPUTRC from env_keep to prevent a potential info leak
Resolves: rhbz#1340700

[1.8.6p7-18]
- RHEL 7.3 erratum
- removed requiretty flag from the default sudoers policy
- backported pam_service and pam_login_service defaults options
- implemented netgroup_tuple defaults option for changing netgroup
processing semantics
- fixed user matching logic in the LDAP nss backend
- don't allow visudo to accept an invalid sudoers file
- fixed a bug causing that non-root users can list privileges of
other users
- modified digest check documentation to mention the raciness of
the checking mechanism
Resolves: rhbz#1196451
Resolves: rhbz#1247230
Resolves: rhbz#1334331
Resolves: rhbz#1334360
Resolves: rhbz#1261998
Resolves: rhbz#1313364
Resolves: rhbz#1312486
Resolves: rhbz#1268958
Resolves: rhbz#1335039
Resolves: rhbz#1335042
Resolves: rhbz#1335045
Resolves: rhbz#1273243
Resolves: rhbz#1299883


Related CVEs


CVE-2016-7091

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) sudo-1.8.6p7-20.el7.src.rpmb3dd6c97497c34cde9c9423d87b7deaaELSA-2021-0221
sudo-1.8.6p7-20.el7.x86_64.rpm4dfb9dcf7a456f32af82964983958dfbELSA-2021-0221
sudo-devel-1.8.6p7-20.el7.i686.rpme565fdfd0d633ba7b1a3f6350e8da24fELSA-2021-0221
sudo-devel-1.8.6p7-20.el7.x86_64.rpm1c726da8e5bc39edcb3ce9d9413bd442ELSA-2021-0221



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights