OVAL Reference oval:org.opensuse.security:def:5074

Oval Definition:

oval:org.opensuse.security:def:5074

Revision Date:	2021-01-26	Version:	1
Title:	Security update for sudo (Important)
Description:	This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239] - A Possible Symlink Attack vector existed in `sudoedit` if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240] - It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]
Family:	unix	Class:	patch
Status:		Reference(s):	1082318 1154980 1157712 1157714 1172760 1172810 1175155 1176579 1180684 1180685 1180687 1181090 CVE-2006-0855 CVE-2007-1669 CVE-2009-0035 CVE-2009-0159 CVE-2009-0793 CVE-2009-1252 CVE-2009-2624 CVE-2009-2694 CVE-2009-2703 CVE-2009-3026 CVE-2009-3083 CVE-2009-3084 CVE-2009-3085 CVE-2009-3615 CVE-2010-0001 CVE-2010-0013 CVE-2010-0277 CVE-2010-0420 CVE-2010-0423 CVE-2010-1624 CVE-2010-2528 CVE-2010-3711 CVE-2011-1091 CVE-2011-2485 CVE-2011-2513 CVE-2011-2514 CVE-2011-3377 CVE-2011-3594 CVE-2011-4349 CVE-2012-1152 CVE-2012-2214 CVE-2012-3374 CVE-2012-3422 CVE-2012-3423 CVE-2012-4540 CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2012-6152 CVE-2013-0176 CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 CVE-2013-1926 CVE-2013-1927 CVE-2013-4276 CVE-2013-4349 CVE-2013-5211 CVE-2013-6477 CVE-2013-6478 CVE-2013-6479 CVE-2013-6481 CVE-2013-6482 CVE-2013-6483 CVE-2013-6484 CVE-2013-6485 CVE-2013-6486 CVE-2013-6487 CVE-2014-0017 CVE-2014-0020 CVE-2014-0105 CVE-2014-3695 CVE-2014-3696 CVE-2014-3698 CVE-2015-5234 CVE-2015-5235 CVE-2019-18277 CVE-2020-1472 CVE-2020-17489 CVE-2021-23239 CVE-2021-23240 CVE-2021-3156 SUSE-SU-2019:3126-1 SUSE-SU-2020:2719-1 SUSE-SU-2020:3132-1 SUSE-SU-2021:0225-1
Platform(s):	openSUSE 13.1 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information python-keystoneclient-1.0.0-14 is installed OR python-keystoneclient-doc-1.0.0-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND ruby-1.8.7.p357-0.9.13.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libmysql55client18-5.5.45-0.11.1 is installed OR libmysql55client18-32bit-5.5.45-0.11.1 is installed OR libmysql55client_r18-5.5.45-0.11.1 is installed OR libmysql55client_r18-32bit-5.5.45-0.11.1 is installed OR mysql-5.5.45-0.11.1 is installed OR mysql-client-5.5.45-0.11.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information finch-2.10.9-8 is installed OR libpurple-2.10.9-8 is installed OR libpurple-lang-2.10.9-8 is installed OR libpurple-meanwhile-2.10.9-8 is installed OR libpurple-tcl-2.10.9-8 is installed OR pidgin-2.10.9-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND python-PyYAML-3.10-15.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.3.1 is installed OR samba-4.2.4-28.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-84.1 is installed OR cluster-network-kmp-default-4.4.21-84.1 is installed OR dlm-kmp-default-4.4.21-84.1 is installed OR gfs2-kmp-default-4.4.21-84.1 is installed OR kernel-default-4.4.21-84.1 is installed OR ocfs2-kmp-default-4.4.21-84.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ctdb-4.7.11+git.270.63e2076625b-4.48 is installed OR samba-4.7.11+git.270.63e2076625b-4.48 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND haproxy-2.0.10+git0.ac198b92-8.8 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND ant-1.9.4-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_32-33-default-3-2.1 is installed OR kgraft-patch-3_12_32-33-xen-3-2.1 is installed OR kgraft-patch-SLE12_Update_1-3-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_3-default-1-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_1-1-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.8.3-49.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-libldap-2_3-0-2.3.37-16.1 is installed OR openldap2-2.4.39-16.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.44-52.18.1 is installed OR kernel-ec2-devel-3.12.44-52.18.1 is installed OR kernel-ec2-extra-3.12.44-52.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9.1 is installed OR gcc5-5.3.1+r233831-9.1 is installed OR gcc5-32bit-5.3.1+r233831-9.1 is installed OR gcc5-ada-5.3.1+r233831-9.1 is installed OR gcc5-ada-32bit-5.3.1+r233831-9.1 is installed OR gcc5-c++-5.3.1+r233831-9.1 is installed OR gcc5-c++-32bit-5.3.1+r233831-9.1 is installed OR gcc5-fortran-5.3.1+r233831-9.1 is installed OR gcc5-fortran-32bit-5.3.1+r233831-9.1 is installed OR gcc5-info-5.3.1+r233831-9.1 is installed OR gcc5-locale-5.3.1+r233831-9.1 is installed OR libada5-5.3.1+r233831-9.1 is installed OR libada5-32bit-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed OR libffi-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-30.1 is installed OR php5-5.5.14-30.1 is installed OR php5-bcmath-5.5.14-30.1 is installed OR php5-bz2-5.5.14-30.1 is installed OR php5-calendar-5.5.14-30.1 is installed OR php5-ctype-5.5.14-30.1 is installed OR php5-curl-5.5.14-30.1 is installed OR php5-dba-5.5.14-30.1 is installed OR php5-dom-5.5.14-30.1 is installed OR php5-enchant-5.5.14-30.1 is installed OR php5-exif-5.5.14-30.1 is installed OR php5-fastcgi-5.5.14-30.1 is installed OR php5-fileinfo-5.5.14-30.1 is installed OR php5-fpm-5.5.14-30.1 is installed OR php5-ftp-5.5.14-30.1 is installed OR php5-gd-5.5.14-30.1 is installed OR php5-gettext-5.5.14-30.1 is installed OR php5-gmp-5.5.14-30.1 is installed OR php5-iconv-5.5.14-30.1 is installed OR php5-intl-5.5.14-30.1 is installed OR php5-json-5.5.14-30.1 is installed OR php5-ldap-5.5.14-30.1 is installed OR php5-mbstring-5.5.14-30.1 is installed OR php5-mcrypt-5.5.14-30.1 is installed OR php5-mysql-5.5.14-30.1 is installed OR php5-odbc-5.5.14-30.1 is installed OR php5-openssl-5.5.14-30.1 is installed OR php5-pcntl-5.5.14-30.1 is installed OR php5-pdo-5.5.14-30.1 is installed OR php5-pear-5.5.14-30.1 is installed OR php5-pgsql-5.5.14-30.1 is installed OR php5-pspell-5.5.14-30.1 is installed OR php5-shmop-5.5.14-30.1 is installed OR php5-snmp-5.5.14-30.1 is installed OR php5-soap-5.5.14-30.1 is installed OR php5-sockets-5.5.14-30.1 is installed OR php5-sqlite-5.5.14-30.1 is installed OR php5-suhosin-5.5.14-30.1 is installed OR php5-sysvmsg-5.5.14-30.1 is installed OR php5-sysvsem-5.5.14-30.1 is installed OR php5-sysvshm-5.5.14-30.1 is installed OR php5-tokenizer-5.5.14-30.1 is installed OR php5-wddx-5.5.14-30.1 is installed OR php5-xmlreader-5.5.14-30.1 is installed OR php5-xmlrpc-5.5.14-30.1 is installed OR php5-xmlwriter-5.5.14-30.1 is installed OR php5-xsl-5.5.14-30.1 is installed OR php5-zip-5.5.14-30.1 is installed OR php5-zlib-5.5.14-30.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information libsndfile-1.0.20-2.4.1 is installed OR libsndfile-32bit-1.0.20-2.4.1 is installed OR libsndfile-x86-1.0.20-2.4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information kernel-default-3.12.51-60.20.2 is installed OR kernel-default-base-3.12.51-60.20.2 is installed OR kernel-default-devel-3.12.51-60.20.2 is installed OR kernel-default-man-3.12.51-60.20.2 is installed OR kernel-devel-3.12.51-60.20.2 is installed OR kernel-macros-3.12.51-60.20.2 is installed OR kernel-source-3.12.51-60.20.2 is installed OR kernel-syms-3.12.51-60.20.2 is installed OR kernel-xen-3.12.51-60.20.2 is installed OR kernel-xen-base-3.12.51-60.20.2 is installed OR kernel-xen-devel-3.12.51-60.20.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libjbig2-2.0-12 is installed OR libjbig2-32bit-2.0-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND binutils-2.26.1-9.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND sudo-devel-1.8.27-4.6.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information libmysqlclient-devel-10.0.26-20.10.2 is installed OR libmysqlclient18-10.0.26-20.10.2 is installed OR libmysqlclient18-32bit-10.0.26-20.10.2 is installed OR libmysqlclient_r18-10.0.26-20.10.2 is installed OR libmysqld-devel-10.0.26-20.10.2 is installed OR libmysqld18-10.0.26-20.10.2 is installed OR mariadb-10.0.26-20.10.2 is installed OR mariadb-client-10.0.26-20.10.2 is installed OR mariadb-errormessages-10.0.26-20.10.2 is installed OR mariadb-tools-10.0.26-20.10.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information xorg-x11-server-7.6_1.18.3-76.15 is installed OR xorg-x11-server-extra-7.6_1.18.3-76.15 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information php53-5.3.17-84.1 is installed OR php53-devel-5.3.17-84.1 is installed OR php53-imap-5.3.17-84.1 is installed OR php53-posix-5.3.17-84.1 is installed OR php53-readline-5.3.17-84.1 is installed OR php53-sockets-5.3.17-84.1 is installed OR php53-sqlite-5.3.17-84.1 is installed OR php53-tidy-5.3.17-84.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND osc-0.152.0-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND LibVNCServer-devel-0.9.9-16 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND alsa-devel-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.425-19.1 is installed OR flash-player-gnome-11.2.202.425-19.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libvirt-1.2.18.4-11.7 is installed OR libvirt-client-32bit-1.2.18.4-11.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information imap-2007e_suse-22.1 is installed OR libc-client2007e_suse-2007e_suse-22.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information gnome-shell-3.34.5-3.13 is installed OR gnome-shell-calendar-3.34.5-3.13 is installed

BACK