[Oraclevm-errata] OVMSA-2016-0079 Oracle VM 3.2 sudo security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Tue Jun 21 10:10:39 PDT 2016
Oracle VM Security Advisory OVMSA-2016-0079
The following updated rpms for Oracle VM 3.2 have been uploaded to the
Unbreakable Linux Network:
x86_64:
sudo-1.7.2p1-29.el5_10.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/sudo-1.7.2p1-29.el5_10.src.rpm
Description of changes:
[1.7.2p1-29]
- added patch for CVE-2014-0106: certain environment variables not
sanitized when env_reset is disabled
Resolves: rhbz#1072210
[1.7.2p1-28]
- backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776
CVE-2013-2777
Resolves: rhbz#968221
[1.7.2p1-27]
- visudo: fixed incorrect warning and parse error regarding
undefined aliases which were in fact defined
Resolves: rhbz#849679
Resolves: rhbz#905624
[1.7.2p1-26]
- updated sudoers man-page to clarify the behavior of the user
negation operator and the behavior of wildcard matching in command
specifications
Resolves: rhbz#846118
Resolves: rhbz#856902
[1.7.2p1-25]
- fixed regression in escaping of sudo -i arguments
Resolves: rhbz#853203
[1.7.2p1-24]
- bump release number
[1.7.2p1-23]
- Fixed caching of user and group names
- Backported RFC 4515 escaping of LDAP queries
Resolves: rhbz#855836
Resolves: rhbz#869287
[1.7.2p1-22]
- Add the -c option to sed commands in post/postun scripts
Resolves: rhbz#818585
[1.7.2p1-21]
- Implement a new sudoers Defaults option to restore old command exec
behavior
Resolves: rhbz#840971
[1.7.2p1-20]
- Add ability to treat files authoritatively in sudoers.ldap
Resolves: rhbz#840097
[1.7.2p1-19]
- Changed policycoreutils dependency to a context specific dependency
(post & postun)
Resolves: rhbz#846694
[1.7.2p1-18]
- don't use a temporary file when modifying nsswitch.conf
- fix permissions on nsswitch.conf, if needed
Resolves: rhbz#846631
[1.7.2p1-17]
- added a workaround for a race condition in handling child processes
Resolves: rhbz#829263
[1.7.2p1-16]
- use safe temporary files in post/postun scripts
- corrected postun script
Resolves: rhbz#841070
[1.7.2p1-15]
- corrected release number
[1.7.2p1-14.2]
- call restorecon after modifying nsswitch.conf in the postun scriplet
- added policycoreutils dependency
Resolves: rhbz#818585
[1.7.2p1-14.1]
- fixed `sudo -i' command escaping (#806073)
- fixed multiple sudoHost LDAP attr. handlng (#740884)
Resolves: rhbz#740884
Resolves: rhbz#806073
More information about the Oraclevm-errata
mailing list