Oval Definition:oval:org.opensuse.security:def:51148
Revision Date:2021-01-27Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239]
Family:unixClass:patch
Status:Reference(s):1027519
1051510
1065600
1065729
1071995
1083647
1085030
1088047
1098633
1103320
1103990
1103991
1103992
1106191
1106383
1109837
1109911
1111666
1112374
1113956
1114279
1114685
1115929
1118338
1119113
1119532
1120386
1120423
1124729
1124734
1125703
1126284
1128378
1128902
1130836
1131645
1132390
1133401
1133738
1134303
1134395
1134506
1135556
1135642
1135897
1136161
1136264
1136343
1136935
1137325
1137625
1137728
1138459
1138879
1139712
1139751
1139771
1139865
1140133
1140228
1140328
1140405
1140424
1140428
1140454
1140463
1140575
1140577
1140637
1140658
1140715
1140719
1140726
1140727
1140728
1140814
1140887
1140888
1140889
1140891
1140893
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1142685
1145051
1145929
1148868
1154999
1155200
1157424
1157490
1158983
1159037
1159198
1159199
1159928
1160932
1161517
1161521
1161561
1161951
1162171
1162610
1163403
1163897
1163985
1164284
1164777
1164780
1164893
1165019
1165182
1165185
1165206
1165211
1165823
1165949
1166780
1166860
1166861
1166862
1166864
1166866
1166867
1166868
1166870
1166940
1166982
1167005
1167007
1167152
1167216
1167288
1167290
1167316
1167421
1167423
1167627
1167629
1168075
1168140
1168142
1168143
1168202
1168273
1168276
1168295
1168367
1168424
1168443
1168486
1168552
1168760
1168762
1168763
1168764
1168765
1168829
1168854
1168881
1168884
1168952
1169013
1169057
1169307
1169308
1169390
1169392
1169514
1169625
1171252
1171254
1174230
1176384
1176756
1176899
1177977
1180684
1181090
CVE-2010-3170
CVE-2011-3389
CVE-2011-3640
CVE-2013-0743
CVE-2013-0791
CVE-2013-1620
CVE-2013-1739
CVE-2013-1740
CVE-2013-1982
CVE-2013-2492
CVE-2013-5605
CVE-2014-1492
CVE-2014-1568
CVE-2018-10938
CVE-2018-19211
CVE-2018-20836
CVE-2019-10126
CVE-2019-10160
CVE-2019-10638
CVE-2019-10639
CVE-2019-11043
CVE-2019-11599
CVE-2019-13233
CVE-2019-19770
CVE-2019-19956
CVE-2019-20388
CVE-2019-3701
CVE-2019-6974
CVE-2019-7221
CVE-2019-8912
CVE-2019-9213
CVE-2019-9458
CVE-2020-10942
CVE-2020-11494
CVE-2020-11669
CVE-2020-11739
CVE-2020-11740
CVE-2020-11741
CVE-2020-11742
CVE-2020-11743
CVE-2020-12653
CVE-2020-12654
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-15683
CVE-2020-15969
CVE-2020-1720
CVE-2020-7595
CVE-2020-8597
CVE-2020-8834
CVE-2021-23239
CVE-2021-3156
SUSE-SU-2018:2964-1
SUSE-SU-2018:4000-1
SUSE-SU-2019:1854-1
SUSE-SU-2019:2064-1
SUSE-SU-2019:2819-1
SUSE-SU-2020:0489-1
SUSE-SU-2020:0589-1
SUSE-SU-2020:1124-1
SUSE-SU-2020:1146-1
SUSE-SU-2020:1299-1
SUSE-SU-2021:0232-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • glibc-2.11.3-17.45.49 is installed
  • OR glibc-32bit-2.11.3-17.45.49 is installed
  • OR glibc-devel-2.11.3-17.45.49 is installed
  • OR glibc-devel-32bit-2.11.3-17.45.49 is installed
  • OR glibc-i18ndata-2.11.3-17.45.49 is installed
  • OR glibc-locale-2.11.3-17.45.49 is installed
  • OR glibc-locale-32bit-2.11.3-17.45.49 is installed
  • OR nscd-2.11.3-17.45.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.2.1esr-19 is installed
  • OR MozillaFirefox-branding-SLED-31.0-0.12 is installed
  • OR MozillaFirefox-translations-38.2.1esr-19 is installed
  • OR libfreebl3-3.19.2.0-0.16 is installed
  • OR libfreebl3-32bit-3.19.2.0-0.16 is installed
  • OR libsoftokn3-3.19.2.0-0.16 is installed
  • OR libsoftokn3-32bit-3.19.2.0-0.16 is installed
  • OR mozilla-nss-3.19.2.0-0.16 is installed
  • OR mozilla-nss-32bit-3.19.2.0-0.16 is installed
  • OR mozilla-nss-tools-3.19.2.0-0.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libmysql55client18-5.5.45-0.11 is installed
  • OR libmysql55client18-32bit-5.5.45-0.11 is installed
  • OR libmysql55client_r18-5.5.45-0.11 is installed
  • OR libmysql55client_r18-32bit-5.5.45-0.11 is installed
  • OR mysql-5.5.45-0.11 is installed
  • OR mysql-client-5.5.45-0.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libXext6-1.3.2-3 is installed
  • OR libXext6-32bit-1.3.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • cups-filters-1.0.58-8 is installed
  • OR cups-filters-cups-browsed-1.0.58-8 is installed
  • OR cups-filters-foomatic-rip-1.0.58-8 is installed
  • OR cups-filters-ghostscript-1.0.58-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • finch-2.11.0-12 is installed
  • OR libpurple-2.11.0-12 is installed
  • OR libpurple-lang-2.11.0-12 is installed
  • OR libpurple-meanwhile-2.11.0-12 is installed
  • OR libpurple-tcl-2.11.0-12 is installed
  • OR pidgin-2.11.0-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • python-2.7.14-7.14 is installed
  • OR python-tk-2.7.14-7.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • libncurses5-6.1-5.3 is installed
  • OR libncurses5-32bit-6.1-5.3 is installed
  • OR ncurses-6.1-5.3 is installed
  • OR ncurses5-devel-6.1-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.10 is installed
  • OR reiserfs-kmp-default-4.12.14-197.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_16-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_4-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_34-default-3-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_9-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • MozillaThunderbird-78.4.0-3.99 is installed
  • OR MozillaThunderbird-translations-common-78.4.0-3.99 is installed
  • OR MozillaThunderbird-translations-other-78.4.0-3.99 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-libxml2-python-2.9.7-3.19 is installed
  • OR python2-libxml2-python-2.9.7-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • xen-4.12.2_04-3.15 is installed
  • OR xen-devel-4.12.2_04-3.15 is installed
  • OR xen-tools-4.12.2_04-3.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • apache2-mod_php7-7.2.5-4.46 is installed
  • OR php7-7.2.5-4.46 is installed
  • OR php7-bcmath-7.2.5-4.46 is installed
  • OR php7-bz2-7.2.5-4.46 is installed
  • OR php7-calendar-7.2.5-4.46 is installed
  • OR php7-ctype-7.2.5-4.46 is installed
  • OR php7-curl-7.2.5-4.46 is installed
  • OR php7-dba-7.2.5-4.46 is installed
  • OR php7-devel-7.2.5-4.46 is installed
  • OR php7-dom-7.2.5-4.46 is installed
  • OR php7-enchant-7.2.5-4.46 is installed
  • OR php7-exif-7.2.5-4.46 is installed
  • OR php7-fastcgi-7.2.5-4.46 is installed
  • OR php7-fileinfo-7.2.5-4.46 is installed
  • OR php7-fpm-7.2.5-4.46 is installed
  • OR php7-ftp-7.2.5-4.46 is installed
  • OR php7-gd-7.2.5-4.46 is installed
  • OR php7-gettext-7.2.5-4.46 is installed
  • OR php7-gmp-7.2.5-4.46 is installed
  • OR php7-iconv-7.2.5-4.46 is installed
  • OR php7-intl-7.2.5-4.46 is installed
  • OR php7-json-7.2.5-4.46 is installed
  • OR php7-ldap-7.2.5-4.46 is installed
  • OR php7-mbstring-7.2.5-4.46 is installed
  • OR php7-mysql-7.2.5-4.46 is installed
  • OR php7-odbc-7.2.5-4.46 is installed
  • OR php7-opcache-7.2.5-4.46 is installed
  • OR php7-openssl-7.2.5-4.46 is installed
  • OR php7-pcntl-7.2.5-4.46 is installed
  • OR php7-pdo-7.2.5-4.46 is installed
  • OR php7-pear-7.2.5-4.46 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.46 is installed
  • OR php7-pgsql-7.2.5-4.46 is installed
  • OR php7-phar-7.2.5-4.46 is installed
  • OR php7-posix-7.2.5-4.46 is installed
  • OR php7-shmop-7.2.5-4.46 is installed
  • OR php7-snmp-7.2.5-4.46 is installed
  • OR php7-soap-7.2.5-4.46 is installed
  • OR php7-sockets-7.2.5-4.46 is installed
  • OR php7-sodium-7.2.5-4.46 is installed
  • OR php7-sqlite-7.2.5-4.46 is installed
  • OR php7-sysvmsg-7.2.5-4.46 is installed
  • OR php7-sysvsem-7.2.5-4.46 is installed
  • OR php7-sysvshm-7.2.5-4.46 is installed
  • OR php7-tokenizer-7.2.5-4.46 is installed
  • OR php7-wddx-7.2.5-4.46 is installed
  • OR php7-xmlreader-7.2.5-4.46 is installed
  • OR php7-xmlrpc-7.2.5-4.46 is installed
  • OR php7-xmlwriter-7.2.5-4.46 is installed
  • OR php7-xsl-7.2.5-4.46 is installed
  • OR php7-zip-7.2.5-4.46 is installed
  • OR php7-zlib-7.2.5-4.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • xen-4.5.3_08-17 is installed
  • OR xen-doc-html-4.5.3_08-17 is installed
  • OR xen-kmp-default-4.5.3_08_k3.12.59_60.45-17 is installed
  • OR xen-libs-4.5.3_08-17 is installed
  • OR xen-libs-32bit-4.5.3_08-17 is installed
  • OR xen-tools-4.5.3_08-17 is installed
  • OR xen-tools-domU-4.5.3_08-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_48-default-10-2 is installed
  • OR kgraft-patch-3_12_74-60_64_48-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_17-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND dstat-0.7.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libdcerpc-atsvc0-4.2.4-28.29 is installed
  • OR samba-4.2.4-28.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND clamav-0.100.1-33.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libecpg6-10.12-4.19 is installed
  • OR libpq5-10.12-4.19 is installed
  • OR postgresql10-10.12-4.19 is installed
  • OR postgresql10-contrib-10.12-4.19 is installed
  • OR postgresql10-devel-10.12-4.19 is installed
  • OR postgresql10-docs-10.12-4.19 is installed
  • OR postgresql10-plperl-10.12-4.19 is installed
  • OR postgresql10-plpython-10.12-4.19 is installed
  • OR postgresql10-pltcl-10.12-4.19 is installed
  • OR postgresql10-server-10.12-4.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND sudo-1.8.10p3-10.29.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.40 is installed
  • OR kernel-default-extra-4.12.14-197.40 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • apache2-2.4.16-20.13 is installed
  • OR apache2-doc-2.4.16-20.13 is installed
  • OR apache2-example-pages-2.4.16-20.13 is installed
  • OR apache2-prefork-2.4.16-20.13 is installed
  • OR apache2-utils-2.4.16-20.13 is installed
  • OR apache2-worker-2.4.16-20.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • dnsmasq-2.78-18.6 is installed
  • OR dnsmasq-utils-2.78-18.6 is installed
    • BACK