[El-errata] ELSA-2016-2593 Low: Oracle Linux 7 sudo security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 10 11:10:34 PST 2016

Oracle Linux Security Advisory ELSA-2016-2593


The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- RHEL 7.3 erratum
   - fixed visudo's -q flag
   Resolves: rhbz#1350828

- RHEL 7.3 erratum
   - removed INPUTRC from env_keep to prevent a potential info leak
   Resolves: rhbz#1340700

- RHEL 7.3 erratum
   - removed requiretty flag from the default sudoers policy
   - backported pam_service and pam_login_service defaults options
   - implemented netgroup_tuple defaults option for changing netgroup
     processing semantics
   - fixed user matching logic in the LDAP nss backend
   - don't allow visudo to accept an invalid sudoers file
   - fixed a bug causing that non-root users can list privileges of
     other users
   - modified digest check documentation to mention the raciness of
     the checking mechanism
   Resolves: rhbz#1196451
   Resolves: rhbz#1247230
   Resolves: rhbz#1334331
   Resolves: rhbz#1334360
   Resolves: rhbz#1261998
   Resolves: rhbz#1313364
   Resolves: rhbz#1312486
   Resolves: rhbz#1268958
   Resolves: rhbz#1335039
   Resolves: rhbz#1335042
   Resolves: rhbz#1335045
   Resolves: rhbz#1273243
   Resolves: rhbz#1299883

More information about the El-errata mailing list