[El-errata] ELSA-2016-2593 Low: Oracle Linux 7 sudo security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Nov 10 11:10:34 PST 2016
Oracle Linux Security Advisory ELSA-2016-2593
http://linux.oracle.com/errata/ELSA-2016-2593.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
sudo-1.8.6p7-20.el7.x86_64.rpm
sudo-devel-1.8.6p7-20.el7.i686.rpm
sudo-devel-1.8.6p7-20.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sudo-1.8.6p7-20.el7.src.rpm
Description of changes:
[1.8.6p7-20]
- RHEL 7.3 erratum
- fixed visudo's -q flag
Resolves: rhbz#1350828
[1.8.6p7-19]
- RHEL 7.3 erratum
- removed INPUTRC from env_keep to prevent a potential info leak
Resolves: rhbz#1340700
[1.8.6p7-18]
- RHEL 7.3 erratum
- removed requiretty flag from the default sudoers policy
- backported pam_service and pam_login_service defaults options
- implemented netgroup_tuple defaults option for changing netgroup
processing semantics
- fixed user matching logic in the LDAP nss backend
- don't allow visudo to accept an invalid sudoers file
- fixed a bug causing that non-root users can list privileges of
other users
- modified digest check documentation to mention the raciness of
the checking mechanism
Resolves: rhbz#1196451
Resolves: rhbz#1247230
Resolves: rhbz#1334331
Resolves: rhbz#1334360
Resolves: rhbz#1261998
Resolves: rhbz#1313364
Resolves: rhbz#1312486
Resolves: rhbz#1268958
Resolves: rhbz#1335039
Resolves: rhbz#1335042
Resolves: rhbz#1335045
Resolves: rhbz#1273243
Resolves: rhbz#1299883
More information about the El-errata
mailing list