[El-errata] ELSA-2016-2593 Low: Oracle Linux 7 sudo security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 10 11:10:34 PST 2016


Oracle Linux Security Advisory ELSA-2016-2593

http://linux.oracle.com/errata/ELSA-2016-2593.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
sudo-1.8.6p7-20.el7.x86_64.rpm
sudo-devel-1.8.6p7-20.el7.i686.rpm
sudo-devel-1.8.6p7-20.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sudo-1.8.6p7-20.el7.src.rpm



Description of changes:

[1.8.6p7-20]
- RHEL 7.3 erratum
   - fixed visudo's -q flag
   Resolves: rhbz#1350828

[1.8.6p7-19]
- RHEL 7.3 erratum
   - removed INPUTRC from env_keep to prevent a potential info leak
   Resolves: rhbz#1340700

[1.8.6p7-18]
- RHEL 7.3 erratum
   - removed requiretty flag from the default sudoers policy
   - backported pam_service and pam_login_service defaults options
   - implemented netgroup_tuple defaults option for changing netgroup
     processing semantics
   - fixed user matching logic in the LDAP nss backend
   - don't allow visudo to accept an invalid sudoers file
   - fixed a bug causing that non-root users can list privileges of
     other users
   - modified digest check documentation to mention the raciness of
     the checking mechanism
   Resolves: rhbz#1196451
   Resolves: rhbz#1247230
   Resolves: rhbz#1334331
   Resolves: rhbz#1334360
   Resolves: rhbz#1261998
   Resolves: rhbz#1313364
   Resolves: rhbz#1312486
   Resolves: rhbz#1268958
   Resolves: rhbz#1335039
   Resolves: rhbz#1335042
   Resolves: rhbz#1335045
   Resolves: rhbz#1273243
   Resolves: rhbz#1299883





More information about the El-errata mailing list