[Oraclevm-errata] OVMSA-2015-0103 Oracle VM 3.3 sudo security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Jul 30 20:32:59 PDT 2015

Oracle VM Security Advisory OVMSA-2015-0103

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- RHEL-6.7 erratum
   - modified the authlogicfix patch to fix #1144448
   - fixed a bug in the ldapusermatchfix patch
   Resolves: rhbz#1144448
   Resolves: rhbz#1142122

- RHEL-6.7 erratum
   - fixed the mantypos-ldap.patch
   Resolves: rhbz#1138267

- RHEL-6.7 erratum
   - added patch for CVE-2014-9680
   - added BuildRequires for tzdata
   Resolves: rhbz#1200253

- RHEL-6.7 erratum
   - added zlib-devel build required to enable zlib compression support
   - fixed two typos in the sudoers.ldap man page
   - fixed a hang when duplicate nss entries are specified in nsswitch.conf
   - SSSD: implemented sorting of the result entries according to the
           sudoOrder attribute
   - LDAP: fixed logic handling the computation of the "user matched" flag
   - fixed restoring of the SIGPIPE signal in the tgetpass function
   - fixed listpw, verifypw + authenticate option logic in LDAP/SSSD
   Resolves: rhbz#1106433
   Resolves: rhbz#1138267
   Resolves: rhbz#1147498
   Resolves: rhbz#1138581
   Resolves: rhbz#1142122
   Resolves: rhbz#1094548
   Resolves: rhbz#1144448

- RHEL-6.6 erratum
   - SSSD: dropped the ipahostnameshort patch, as it is not
     needed. rhbz#1033703 is a configuration issue.
   Related: rhbz#1033703

- RHEL-6.6 erratum
   - SSSD: fixed netgroup filter patch
   - SSSD: dropped serparate patch for #1006463, the fix is now part
     of the netgroup filter patch
   Resolves: rhbz#1006463
   Resolves: rhbz#1083064

- RHEL-6.6 erratum
   - don't retry authentication when ctrl-c pressed
   - fix double-quote processing in Defaults options
   - fix sesh login shell argv[0]
   - handle the "(none)" hostname correctly
   - SSSD: fix ipa_hostname handling
   - SSSD: fix sudoUser netgroup specification filtering
   - SSSD: list correct user when -U <user> -l specified
   - SSSD: show rule names on long listing (-ll)
   Resolves: rhbz#1065415
   Resolves: rhbz#1078338
   Resolves: rhbz#1052940
   Resolves: rhbz#1083064
   Resolves: rhbz#1033703
   Resolves: rhbz#1006447
   Resolves: rhbz#1006463
   Resolves: rhbz#1070952

More information about the Oraclevm-errata mailing list