ELSA-2012-0309

Опубликовано: 01 мар. 2012

Источник: oracle-oval

Платформа: Oracle Linux 5

Описание

ELSA-2012-0309: sudo security and bug fix update (LOW)

[1.7.2p1-13]

patch: parse ldap.conf more closely to nss_ldap Resolves: rhbz#750318

[1.7.2p1-12]

added patch for CVE-2011-0010 Resolves: rhbz#757157

[1.7.2p1-11]

backported selinux support from 1.7.4p5 (#477185, #673157)
fixed bug in Runas_Spec group matching (#627543)
disable 'sudo -l' output word wrapping if the output is piped (#697111)
fixed overwriting of errno after execve failure (#673157)
fixed segmentation fault (#673072)
add a sudoers entry to the nsswitch.conf file on install (and delete it on uninstall) (#617061) Resolves: rhbz#697111 Resolves: rhbz#673157 Resolves: rhbz#673072 Resolves: rhbz#627543 Resolves: rhbz#617061 Resolves: rhbz#477185

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

sudo

1.7.2p1-13.el5

Oracle Linux x86_64

sudo

1.7.2p1-13.el5

Oracle Linux i386

sudo

1.7.2p1-13.el5

Связанные CVE

CVE-2011-0010

Ссылки на источники

Связанные уязвимости

CVE-2011-0010

ubuntu

больше 14 лет назад

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

CVE-2011-0010

redhat

больше 14 лет назад

CVE-2011-0010

nvd

больше 14 лет назад

CVE-2011-0010

debian

больше 14 лет назад

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured ...

GHSA-mxvj-5g45-2vv5

github

около 3 лет назад