Oval Definition:oval:org.opensuse.security:def:50675
Revision Date:2020-12-01Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issue:

- CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers (bsc#1153674).
Family:unixClass:patch
Status:Reference(s):1027519
1050244
1051510
1051858
1055117
1058115
1061840
1065600
1065729
1071995
1083647
1083710
1085030
1086301
1086313
1086314
1088047
1089895
1094555
1098633
1103990
1103991
1103992
1104745
1106383
1106843
1107424
1109837
1109911
1111666
1112374
1113719
1114279
1114685
1118338
1119113
1119222
1119532
1120386
1120423
1123080
1125703
1127034
1127315
1127611
1128432
1128902
1129403
1129770
1130836
1132390
1133021
1133401
1133738
1134090
1134097
1134390
1134395
1134399
1134506
1134730
1134738
1134973
1135153
1135296
1135335
1135556
1135642
1135897
1136020
1136156
1136157
1136161
1136217
1136264
1136271
1136333
1136342
1136343
1136345
1136348
1136460
1136461
1136462
1136467
1137103
1137194
1137224
1137366
1137429
1137458
1137534
1137535
1137584
1137586
1137609
1137625
1137728
1137811
1137827
1137884
1137985
1138263
1138291
1138293
1138336
1138374
1138375
1138589
1138681
1138719
1138732
1138874
1138879
1139358
1139619
1139712
1139751
1139771
1139865
1140133
1140139
1140228
1140322
1140328
1140405
1140424
1140428
1140454
1140463
1140559
1140575
1140577
1140637
1140652
1140658
1140676
1140715
1140719
1140726
1140727
1140728
1140814
1140887
1140888
1140889
1140891
1140893
1140903
1140945
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1141312
1141401
1141402
1141452
1141453
1141454
1141478
1141558
1142023
1142052
1142083
1142112
1142115
1142119
1142220
1142221
1142265
1142350
1142351
1142354
1142359
1142450
1142623
1142673
1142701
1142868
1143003
1143105
1143185
1143189
1143191
1143209
1143507
1143959
1144333
1151910
1151927
1153674
1153917
1154243
1154824
1155200
1156286
1157155
1157157
1157490
1157692
1158013
1158021
1158026
1158265
1158819
1159028
1159198
1159271
1159285
1159394
1159483
1159484
1159569
1159588
1159819
1159841
1159908
1159909
1159910
1159911
1159955
1160195
1160210
1160211
1160218
1160398
1160433
1160442
1160476
1160560
1160755
1160756
1160784
1160787
1160802
1160803
1160804
1160917
1160922
1160932
1160966
1161087
1161514
1161518
1161522
1161523
1161549
1161552
1161555
1161674
1161931
1161933
1161934
1161935
1161936
1161937
1161951
1162067
1162109
1162139
1162296
1162928
1162929
1162931
1163971
1164051
1164069
1164078
1164705
1164712
1164727
1164728
1164729
1164730
1164731
1164732
1164733
1164734
1164735
1164871
1165111
1165206
1165548
1165631
1165741
1165873
1165881
1165984
1165985
1166969
1167007
1167152
1167421
1167423
1167629
1168075
1168140
1168142
1168143
1168276
1168295
1168424
1168554
1168670
1168829
1168854
1169390
1169392
1169511
1169514
1169625
1169746
1170056
1170345
1170617
1170618
1170621
1170778
1170901
1171098
1171186
1171189
1171191
1171195
1171202
1171205
1171217
1171218
1171219
1171220
1171352
1171689
1171863
1171864
1171866
1171978
1171982
1171983
1172221
1172317
1172348
1172453
1172458
1173942
1174247
1175193
1175194
1175568
1175992
1176012
1176072
1176116
1176256
1176257
1176258
1176259
1176382
1176896
941629
CVE-2018-1000199
CVE-2018-16548
CVE-2018-16871
CVE-2018-18751
CVE-2018-20836
CVE-2018-20855
CVE-2019-10638
CVE-2019-10639
CVE-2019-1125
CVE-2019-11478
CVE-2019-11599
CVE-2019-11810
CVE-2019-12614
CVE-2019-12817
CVE-2019-12818
CVE-2019-12819
CVE-2019-13233
CVE-2019-13631
CVE-2019-13648
CVE-2019-14283
CVE-2019-14284
CVE-2019-14287
CVE-2019-14615
CVE-2019-14896
CVE-2019-14897
CVE-2019-16994
CVE-2019-17006
CVE-2019-18904
CVE-2019-19036
CVE-2019-19045
CVE-2019-19054
CVE-2019-19318
CVE-2019-19319
CVE-2019-19447
CVE-2019-19462
CVE-2019-19768
CVE-2019-19770
CVE-2019-19965
CVE-2019-19966
CVE-2019-20054
CVE-2019-20095
CVE-2019-20096
CVE-2019-20810
CVE-2019-20812
CVE-2019-3701
CVE-2019-9455
CVE-2019-9458
CVE-2020-0431
CVE-2020-0543
CVE-2020-10543
CVE-2020-10690
CVE-2020-10711
CVE-2020-10720
CVE-2020-10732
CVE-2020-10751
CVE-2020-10757
CVE-2020-10878
CVE-2020-10942
CVE-2020-11494
CVE-2020-11608
CVE-2020-11609
CVE-2020-11668
CVE-2020-11669
CVE-2020-11739
CVE-2020-11740
CVE-2020-11741
CVE-2020-11742
CVE-2020-11743
CVE-2020-12114
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-12399
CVE-2020-12464
CVE-2020-12652
CVE-2020-12653
CVE-2020-12654
CVE-2020-12655
CVE-2020-12656
CVE-2020-12657
CVE-2020-12723
CVE-2020-12769
CVE-2020-13143
CVE-2020-14331
CVE-2020-14349
CVE-2020-14350
CVE-2020-14381
CVE-2020-14386
CVE-2020-15166
CVE-2020-1749
CVE-2020-24394
CVE-2020-25212
CVE-2020-2732
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2773
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
CVE-2020-6831
CVE-2020-7053
CVE-2020-8027
CVE-2020-8428
CVE-2020-8647
CVE-2020-8648
CVE-2020-8649
CVE-2020-8834
CVE-2020-8992
CVE-2020-9383
SUSE-SU-2019:2069-1
SUSE-SU-2019:2656-1
SUSE-SU-2019:2750-1
SUSE-SU-2020:1124-1
SUSE-SU-2020:1179-1
SUSE-SU-2020:1209-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:1677-1
SUSE-SU-2020:2271-1
SUSE-SU-2020:2525-1
SUSE-SU-2020:2712-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND cabextract-1.2-2.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libHX28-3.18-1 is installed
  • OR libHX28-32bit-3.18-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libXext6-1.3.2-3 is installed
  • OR libXext6-32bit-1.3.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • dbus-1-glib-0.100.2-3 is installed
  • OR dbus-1-glib-32bit-0.100.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • bind-utils-9.11.2-1 is installed
  • OR libbind9-160-9.11.2-1 is installed
  • OR libdns169-9.11.2-1 is installed
  • OR libirs160-9.11.2-1 is installed
  • OR libisc166-9.11.2-1 is installed
  • OR libisc166-32bit-9.11.2-1 is installed
  • OR libisccc160-9.11.2-1 is installed
  • OR libisccfg160-9.11.2-1 is installed
  • OR liblwres160-9.11.2-1 is installed
  • OR python-bind-9.11.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • sudo-1.8.22-4.6 is installed
  • OR sudo-devel-1.8.22-4.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • openldap2-2.4.46-9.37 is installed
  • OR openldap2-back-meta-2.4.46-9.37 is installed
  • OR openldap2-back-perl-2.4.46-9.37 is installed
  • OR openldap2-ppolicy-check-password-1.2-9.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_55-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_19-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_37-default-6-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_10-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libzzip-0-13-32bit-0.13.69-3.10 is installed
  • OR zziplib-0.13.69-3.10 is installed
  • OR zziplib-devel-32bit-0.13.69-3.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • perl-5.26.1-7.12 is installed
  • OR perl-32bit-5.26.1-7.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • kernel-azure-4.12.14-8.13 is installed
  • OR kernel-azure-base-4.12.14-8.13 is installed
  • OR kernel-azure-devel-4.12.14-8.13 is installed
  • OR kernel-devel-azure-4.12.14-8.13 is installed
  • OR kernel-source-azure-4.12.14-8.13 is installed
  • OR kernel-syms-azure-4.12.14-8.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • libecpg6-12.4-3.11 is installed
  • OR postgresql12-12.4-3.11 is installed
  • OR postgresql12-contrib-12.4-3.11 is installed
  • OR postgresql12-devel-12.4-3.11 is installed
  • OR postgresql12-docs-12.4-3.11 is installed
  • OR postgresql12-plperl-12.4-3.11 is installed
  • OR postgresql12-plpython-12.4-3.11 is installed
  • OR postgresql12-pltcl-12.4-3.11 is installed
  • OR postgresql12-server-12.4-3.11 is installed
  • OR postgresql12-server-devel-12.4-3.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • accountsservice-0.6.35-3 is installed
  • OR accountsservice-lang-0.6.35-3 is installed
  • OR libaccountsservice0-0.6.35-3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_40-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_40-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_15-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libHX28-3.18-1 is installed
  • OR libHX28-32bit-3.18-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache2-mod_apparmor-2.8.2-49 is installed
  • OR apparmor-docs-2.8.2-49 is installed
  • OR apparmor-parser-2.8.2-49 is installed
  • OR apparmor-profiles-2.8.2-49 is installed
  • OR apparmor-utils-2.8.2-49 is installed
  • OR libapparmor1-2.8.2-49 is installed
  • OR libapparmor1-32bit-2.8.2-49 is installed
  • OR pam_apparmor-2.8.2-49 is installed
  • OR pam_apparmor-32bit-2.8.2-49 is installed
  • OR perl-apparmor-2.8.2-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.58 is installed
  • OR libgcrypt20-1.6.1-16.58 is installed
  • OR libgcrypt20-32bit-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • jakarta-taglibs-standard-1.1.1-255 is installed
  • OR jakarta-taglibs-standard-javadoc-1.1.1-255 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • rmt-server-2.5.7-3.31 is installed
  • OR rmt-server-config-2.5.7-3.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • java-11-openjdk-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-demo-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-devel-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-headless-11.0.8.0-3.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • evolution-3.26.6-4.3 is installed
  • OR evolution-devel-3.26.6-4.3 is installed
  • OR evolution-lang-3.26.6-4.3 is installed
  • OR evolution-plugin-bogofilter-3.26.6-4.3 is installed
  • OR evolution-plugin-pst-import-3.26.6-4.3 is installed
  • OR evolution-plugin-spamassassin-3.26.6-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.161-43.7 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.161-43.7 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.161-43.7 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.161-43.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openslp-2.0.0-18.17 is installed
  • OR openslp-32bit-2.0.0-18.17 is installed
  • OR openslp-server-2.0.0-18.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-loofah-2.0.2-3.8 is installed
  • OR rubygem-loofah-2.0.2-3.8 is installed
    • BACK