ELSA-2020-1804

ELSA-2020-1804 - sudo security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2020-05-05

Description


[1.8.29-5]
- RHEL 8.2 ERRATUM
- CVE-2019-18634
Resolves: rhbz#1798093

[1.8.29-4]
- RHEL 8.2 ERRATUM
- CVE-2019-19232
Resolves: rhbz#1786987
Resolves: rhbz#1796518

[1.8.29-2]
- RHEL 8.2 ERRATUM
- rebase to 1.8.29
Resolves: rhbz#1733961
Resolves: rhbz#1651662

[1.8.28p1-1]
- RHEL 8.2 ERRATUM
- rebase to 1.8.28p1
Resolves: rhbz#1733961
- fixed man page for always_set_home
Resolves: rhbz#1576880
- sudo does not work with notbefore/after
Resolves: rhbz#1679508
- NOTBEFORE showing value of sudoNotAfter Ldap attribute
Resolves: rhbz#1715516
- CVE-2019-14287 sudo
- Privilege escalation via 'Runas' specification with 'ALL' keyword
Resolves: rhbz#1760697


Related CVEs


CVE-2019-19232

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) sudo-1.8.29-5.el8.src.rpmbf08552c998dff4df4e28513423b870f2f4dc70d225f6af0caffe8795a842cbb-ol8_aarch64_baseos_latest
sudo-1.8.29-5.el8.src.rpmbf08552c998dff4df4e28513423b870f2f4dc70d225f6af0caffe8795a842cbb-ol8_aarch64_u2_baseos_base
sudo-1.8.29-5.el8.aarch64.rpm3b8cee35c94c7cf42ad1ba41c0f99dfa9221c771d1a38aba7b85aa404a52bb19-ol8_aarch64_baseos_latest
sudo-1.8.29-5.el8.aarch64.rpm3b8cee35c94c7cf42ad1ba41c0f99dfa9221c771d1a38aba7b85aa404a52bb19-ol8_aarch64_u2_baseos_base
Oracle Linux 8 (x86_64) sudo-1.8.29-5.el8.src.rpmbf08552c998dff4df4e28513423b870f2f4dc70d225f6af0caffe8795a842cbb-ol8_x86_64_baseos_latest
sudo-1.8.29-5.el8.src.rpmbf08552c998dff4df4e28513423b870f2f4dc70d225f6af0caffe8795a842cbb-ol8_x86_64_u2_baseos_base
sudo-1.8.29-5.el8.x86_64.rpm27cd80cdb45f8aebee6a2e475d9f83792ac2ce70809b30ed4d2673c4575f822f-ol8_x86_64_baseos_latest
sudo-1.8.29-5.el8.x86_64.rpm27cd80cdb45f8aebee6a2e475d9f83792ac2ce70809b30ed4d2673c4575f822f-ol8_x86_64_u2_baseos_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete