ELSA-2012-1149

Опубликовано: 07 авг. 2012

Источник: oracle-oval

Платформа: Oracle Linux 5

Описание

ELSA-2012-1149: sudo security and bug fix update (MODERATE)

[1.7.2p1-14.2]

added a workaround for a race condition in handling child processes Resolves: rhbz#844978

[1.7.2p1-14.1]

dont remove the sudoers: line from nsswitch.conf on update
use safe temporary file for nsswitch.conf
call restorecon after modifying nsswitch.conf
fixed command escaping
patch: Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK Resolves: rhbz#842759 Resolves: rhbz#844420 Resolves: rhbz#844419 Resolves: rhbz#844418 Resolves: rhbz#844443

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

sudo

1.7.2p1-14.el5_8.2

Oracle Linux x86_64

sudo

1.7.2p1-14.el5_8.2

Oracle Linux i386

sudo

1.7.2p1-14.el5_8.2

Связанные CVE

CVE-2012-3440

Ссылки на источники

Связанные уязвимости

CVE-2012-3440

ubuntu

около 13 лет назад

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.

CVE-2012-3440

redhat

около 13 лет назад

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.

CVE-2012-3440

nvd

около 13 лет назад

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.

CVE-2012-3440

debian

около 13 лет назад

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (R ...

GHSA-f2xg-m95q-882q

github

больше 3 лет назад

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file.