[linux-sparc-announce] LFSSA-2016-0380 Important: Linux for SPARC 1.0 sudo security update
Announcements for Linux for SPARC
linux-sparc-announce at oss.oracle.com
Mon Dec 12 11:40:22 PST 2016
Linux for SPARC Security Advisory LFSSA-2016-0380
The following updated rpms for Linux for SPARC 1.0 have been uploaded to
the yum.oracle.com:
sparc64:
sudo-1.8.6p3-25.el6_8.sparc64.rpm
sudo-devel-1.8.6p3-25.el6_8.sparc64.rpm
SRPMS:
http://yum.oracle.com/repo/linux_sparc64/latest/sudo-1.8.6p3-25.el6_8.src.rpm
Description of changes:
[1.8.6p3-25]
- Update noexec syscall blacklist
- Fixes CVE-2016-7032 and CVE-2016-7076
Resolves: rhbz#1391937
[1.8.6p3-24]
- RHEL-6.8 erratum
- fixed a bug causing that non-root users can list privileges of
other users
Resolves: rhbz#1312481
[1.8.6p3-23]
- RHEL-6.8 erratum
- fixed handling of closefrom_override defaults option
Resolves: rhbz#1309976
[1.8.6p3-22]
- RHEL-6.8 erratum
- fixed potential getcwd failure, resulting in Null pointer exception
Resolves: rhbz#1284886
[1.8.6p3-21]
- RHEL-6.8 erratum
- fixed sssd's detection of user with zero rules
Resolves: rhbz#1220480
[1.8.6p3-21]
- RHEL-6.8 erratum
- search also by user id when fetching rules from LDAP
Resolves: rhbz#1135531
[1.8.6p3-21]
- RHEL-6.8 erratum
- fixed ldap's and sssd's sudoOption value and remove quotes
- fixed ldap's and sssd's sudoOption whitespaces parse problem
Resolves: rhbz#1144422
Resolves: rhbz#1279447
[1.8.6p3-21]
- RHEL-6.8 erratum
- removed defaults option requiretty from /etc/sudoers
- backported pam_service and pam_login_service defaults options
- implemented a new defaults option for changing netgroup processing
semantics
- fixed visudo's quiet cli option
Resolves: rhbz#1248695
Resolves: rhbz#1247231
Resolves: rhbz#1241896
Resolves: rhbz#1197885
Resolves: rhbz#1233205
More information about the linux-sparc-announce
mailing list