Oval Definition:oval:org.opensuse.security:def:50880
Revision Date:2020-12-01Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issues:

Security issue fixed:

- CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers (bsc#1162202).

Non-security issue fixed:

- Fixed an issue where sudo -l would ask for a password even though `listpw` was set to `never` (bsc#1162675).
Family:unixClass:patch
Status:Reference(s):1046299
1046303
1046305
1050244
1050536
1050545
1051510
1055186
1061840
1064802
1065600
1066129
1073513
1082635
1083647
1084929
1086323
1087092
1089644
1090631
1093205
1093733
1094301
1096254
1097583
1097584
1097585
1097586
1097587
1097588
1098291
1100369
1101674
1101776
1101777
1101786
1101788
1101791
1101794
1101800
1101802
1101804
1101810
1106514
1109158
1109160
1111647
1111666
1112178
1113994
1114279
1117665
1117740
1118367
1118368
1119461
1119465
1120943
1121231
1121232
1121233
1121234
1121235
1123034
1123080
1127367
1127369
1127370
1128220
1131291
1131941
1131945
1133140
1134303
1135114
1135350
1135642
1135854
1135873
1135967
1136021
1137040
1137799
1137861
1138190
1139073
1140090
1140729
1140844
1140845
1140883
1141600
1141980
1142635
1142667
1143706
1144338
1144375
1144449
1144524
1144903
1145099
1146612
1146848
1148410
1148742
1149119
1149853
1150003
1150250
1150452
1150457
1150465
1150690
1150875
1151508
1151807
1152033
1152624
1152665
1152685
1152696
1152697
1152788
1152790
1152791
1152990
1152992
1152994
1152995
1153112
1153158
1153236
1153263
1153476
1153509
1153607
1153646
1153681
1153713
1153717
1153718
1153719
1153811
1153969
1154108
1154189
1154242
1154268
1154354
1154372
1154521
1154578
1154607
1154608
1154610
1154611
1154651
1154737
1154747
1154804
1154805
1154848
1154858
1154905
1154956
1155061
1155178
1155179
1155184
1155186
1155198
1155205
1155298
1155671
1155678
1155819
1156158
1156205
1156288
1157051
1157377
1158505
1158763
1159928
1160770
1161052
1161168
1161517
1161521
1162202
1162396
1162675
1164804
1165241
1165710
1166847
1167976
1168994
1170667
1170713
1171313
1171740
1172958
1173307
1173311
1173812
1173983
1173986
1174117
1174121
1174420
1174463
1174570
1175443
1175568
1176092
1176674
1176756
802154
814594
906079
919448
957624
987367
998153
CVE-2012-6708
CVE-2015-9251
CVE-2017-18594
CVE-2017-3136
CVE-2018-11354
CVE-2018-11355
CVE-2018-11356
CVE-2018-11357
CVE-2018-11358
CVE-2018-11359
CVE-2018-11360
CVE-2018-11361
CVE-2018-11362
CVE-2018-12086
CVE-2018-12207
CVE-2018-14339
CVE-2018-14340
CVE-2018-14341
CVE-2018-14342
CVE-2018-14343
CVE-2018-14344
CVE-2018-14367
CVE-2018-14368
CVE-2018-14369
CVE-2018-14370
CVE-2018-15173
CVE-2018-16056
CVE-2018-16057
CVE-2018-16058
CVE-2018-18225
CVE-2018-18226
CVE-2018-18227
CVE-2018-19622
CVE-2018-19623
CVE-2018-19624
CVE-2018-19625
CVE-2018-19626
CVE-2018-19627
CVE-2018-19628
CVE-2018-20030
CVE-2018-5741
CVE-2019-10220
CVE-2019-10894
CVE-2019-10895
CVE-2019-10896
CVE-2019-10897
CVE-2019-10898
CVE-2019-10899
CVE-2019-10900
CVE-2019-10901
CVE-2019-10902
CVE-2019-10903
CVE-2019-11135
CVE-2019-13456
CVE-2019-13619
CVE-2019-1547
CVE-2019-1563
CVE-2019-15845
CVE-2019-16201
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16254
CVE-2019-16255
CVE-2019-16319
CVE-2019-16995
CVE-2019-17056
CVE-2019-17133
CVE-2019-17185
CVE-2019-17666
CVE-2019-18634
CVE-2019-18900
CVE-2019-19553
CVE-2019-19956
CVE-2019-20388
CVE-2019-5716
CVE-2019-5717
CVE-2019-5718
CVE-2019-5719
CVE-2019-5721
CVE-2019-6477
CVE-2019-9208
CVE-2019-9209
CVE-2019-9214
CVE-2019-9278
CVE-2020-10713
CVE-2020-13934
CVE-2020-13935
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-15706
CVE-2020-15707
CVE-2020-7044
CVE-2020-7595
CVE-2020-8027
CVE-2020-8130
CVE-2020-8616
CVE-2020-8617
CVE-2020-8618
CVE-2020-8619
CVE-2020-8620
CVE-2020-8621
CVE-2020-8622
CVE-2020-8623
CVE-2020-8624
CVE-2020-9428
CVE-2020-9429
CVE-2020-9430
CVE-2020-9431
SUSE-SU-2019:2425-2
SUSE-SU-2019:2561-1
SUSE-SU-2019:2947-1
SUSE-SU-2020:0087-1
SUSE-SU-2020:0408-1
SUSE-SU-2020:0458-1
SUSE-SU-2020:0693-1
SUSE-SU-2020:0737-1
SUSE-SU-2020:1023-1
SUSE-SU-2020:1299-1
SUSE-SU-2020:2074-1
SUSE-SU-2020:2712-2
SUSE-SU-2020:2914-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND foomatic-filters-3.0.2-269.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • g3utils-1.1.36-54 is installed
  • OR mgetty-1.1.36-54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • fuse-2.9.3-5 is installed
  • OR libfuse2-2.9.3-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • cups-filters-1.0.58-13 is installed
  • OR cups-filters-cups-browsed-1.0.58-13 is installed
  • OR cups-filters-foomatic-rip-1.0.58-13 is installed
  • OR cups-filters-ghostscript-1.0.58-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gstreamer-0_10-plugins-base-0.10.36-17 is installed
  • OR gstreamer-0_10-plugins-base-32bit-0.10.36-17 is installed
  • OR gstreamer-0_10-plugins-base-lang-0.10.36-17 is installed
  • OR libgstapp-0_10-0-0.10.36-17 is installed
  • OR libgstapp-0_10-0-32bit-0.10.36-17 is installed
  • OR libgstinterfaces-0_10-0-0.10.36-17 is installed
  • OR libgstinterfaces-0_10-0-32bit-0.10.36-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • nmap-7.70-3.12 is installed
  • OR nping-7.70-3.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • sudo-1.8.22-4.9 is installed
  • OR sudo-devel-1.8.22-4.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • grub2-2.04-9.7 is installed
  • OR grub2-arm64-efi-2.04-9.7 is installed
  • OR grub2-i386-pc-2.04-9.7 is installed
  • OR grub2-powerpc-ieee1275-2.04-9.7 is installed
  • OR grub2-s390x-emu-2.04-9.7 is installed
  • OR grub2-snapper-plugin-2.04-9.7 is installed
  • OR grub2-systemd-sleep-plugin-2.04-9.7 is installed
  • OR grub2-x86_64-efi-2.04-9.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • libopenssl-1_0_0-devel-1.0.2p-3.22 is installed
  • OR libopenssl1_0_0-1.0.2p-3.22 is installed
  • OR openssl-1_0_0-1.0.2p-3.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.26 is installed
  • OR kernel-default-livepatch-4.12.14-197.26 is installed
  • OR kernel-default-livepatch-devel-4.12.14-197.26 is installed
  • OR kernel-livepatch-4_12_14-197_26-default-1-3.5 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_7-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-78.3.0-3.108 is installed
  • OR MozillaFirefox-branding-upstream-78.3.0-3.108 is installed
  • OR MozillaFirefox-buildsymbols-78.3.0-3.108 is installed
  • OR MozillaFirefox-devel-78.3.0-3.108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • tomcat-9.0.36-3.6 is installed
  • OR tomcat-docs-webapp-9.0.36-3.6 is installed
  • OR tomcat-embed-9.0.36-3.6 is installed
  • OR tomcat-javadoc-9.0.36-3.6 is installed
  • OR tomcat-jsvc-9.0.36-3.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-libxml2-python-2.9.7-3.19 is installed
  • OR python2-libxml2-python-2.9.7-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • freeradius-server-3.0.16-3.6 is installed
  • OR freeradius-server-devel-3.0.16-3.6 is installed
  • OR freeradius-server-krb5-3.0.16-3.6 is installed
  • OR freeradius-server-ldap-3.0.16-3.6 is installed
  • OR freeradius-server-libs-3.0.16-3.6 is installed
  • OR freeradius-server-mysql-3.0.16-3.6 is installed
  • OR freeradius-server-perl-3.0.16-3.6 is installed
  • OR freeradius-server-postgresql-3.0.16-3.6 is installed
  • OR freeradius-server-python-3.0.16-3.6 is installed
  • OR freeradius-server-sqlite-3.0.16-3.6 is installed
  • OR freeradius-server-utils-3.0.16-3.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND libXfont1-1.4.7-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libsoup-2.44.2-2.3 is installed
  • OR libsoup-2_4-1-2.44.2-2.3 is installed
  • OR libsoup-2_4-1-32bit-2.44.2-2.3 is installed
  • OR libsoup-lang-2.44.2-2.3 is installed
  • OR typelib-1_0-Soup-2_4-2.44.2-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libX11-6-1.6.2-4 is installed
  • OR libX11-6-32bit-1.6.2-4 is installed
  • OR libX11-data-1.6.2-4 is installed
  • OR libX11-xcb1-1.6.2-4 is installed
  • OR libX11-xcb1-32bit-1.6.2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_38-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_13-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cron-4.2-58 is installed
  • OR cronie-1.4.11-58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libX11-1.6.2-12.5 is installed
  • OR libX11-6-1.6.2-12.5 is installed
  • OR libX11-6-32bit-1.6.2-12.5 is installed
  • OR libX11-data-1.6.2-12.5 is installed
  • OR libX11-xcb1-1.6.2-12.5 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.5 is installed
  • OR libxcb-1.10-4.3 is installed
  • OR libxcb-dri2-0-1.10-4.3 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.3 is installed
  • OR libxcb-dri3-0-1.10-4.3 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.3 is installed
  • OR libxcb-glx0-1.10-4.3 is installed
  • OR libxcb-glx0-32bit-1.10-4.3 is installed
  • OR libxcb-present0-1.10-4.3 is installed
  • OR libxcb-present0-32bit-1.10-4.3 is installed
  • OR libxcb-randr0-1.10-4.3 is installed
  • OR libxcb-render0-1.10-4.3 is installed
  • OR libxcb-render0-32bit-1.10-4.3 is installed
  • OR libxcb-shape0-1.10-4.3 is installed
  • OR libxcb-shm0-1.10-4.3 is installed
  • OR libxcb-shm0-32bit-1.10-4.3 is installed
  • OR libxcb-sync1-1.10-4.3 is installed
  • OR libxcb-sync1-32bit-1.10-4.3 is installed
  • OR libxcb-xf86dri0-1.10-4.3 is installed
  • OR libxcb-xfixes0-1.10-4.3 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.3 is installed
  • OR libxcb-xinerama0-1.10-4.3 is installed
  • OR libxcb-xkb1-1.10-4.3 is installed
  • OR libxcb-xkb1-32bit-1.10-4.3 is installed
  • OR libxcb-xv0-1.10-4.3 is installed
  • OR libxcb1-1.10-4.3 is installed
  • OR libxcb1-32bit-1.10-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND perl-XML-LibXML-2.0019-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libldap-2_4-2-2.4.46-9.37 is installed
  • OR libldap-2_4-2-32bit-2.4.46-9.37 is installed
  • OR libldap-data-2.4.46-9.37 is installed
  • OR openldap2-2.4.46-9.37 is installed
  • OR openldap2-back-meta-2.4.46-9.37 is installed
  • OR openldap2-back-perl-2.4.46-9.37 is installed
  • OR openldap2-client-2.4.46-9.37 is installed
  • OR openldap2-devel-2.4.46-9.37 is installed
  • OR openldap2-devel-32bit-2.4.46-9.37 is installed
  • OR openldap2-devel-static-2.4.46-9.37 is installed
  • OR openldap2-ppolicy-check-password-1.2-9.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • bind-9.16.6-12.32 is installed
  • OR bind-chrootenv-9.16.6-12.32 is installed
  • OR bind-devel-9.16.6-12.32 is installed
  • OR bind-doc-9.16.6-12.32 is installed
  • OR bind-utils-9.16.6-12.32 is installed
  • OR libbind9-1600-9.16.6-12.32 is installed
  • OR libdns1605-9.16.6-12.32 is installed
  • OR libirs-devel-9.16.6-12.32 is installed
  • OR libirs1601-9.16.6-12.32 is installed
  • OR libisc1606-9.16.6-12.32 is installed
  • OR libisccc1600-9.16.6-12.32 is installed
  • OR libisccfg1600-9.16.6-12.32 is installed
  • OR libns1604-9.16.6-12.32 is installed
  • OR python3-bind-9.16.6-12.32 is installed
  • OR sysuser-shadow-2.0-4.2 is installed
  • OR sysuser-tools-2.0-4.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.19 is installed
  • OR kernel-default-extra-4.12.14-25.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libraw-0.18.9-3.11 is installed
  • OR libraw-devel-0.18.9-3.11 is installed
  • OR libraw16-0.18.9-3.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND sudo-1.8.10p3-2.16 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-default-kgraft-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
  • OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
    • BACK