Oval Definition:	oval:org.opensuse.security:def:53587
Revision Date: 2020-12-01 Version: 1 Title: Security update for sudo (Important) Description: This update for sudo fixes the following issues: Security issue fixed: - CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers (bsc#1162202). Non-security issue fixed: - Fixed an issue where sudo -l would ask for a password even though `listpw` was set to `never` (bsc#1162675). Family: unix Class: patch Status: Reference(s): 1000345 1000346 1001151 1002116 1002549 1002550 1002557 1003612 1003613 1003878 1003893 1003894 1004702 1004706 1004707 1005353 1005374 1006536 1006538 1007263 1007391 1007493 1007494 1007495 1007769 1007959 1007962 1008148 1008842 1010032 1011913 1012382 1012910 1013994 1014136 1015609 1017461 1017641 1018263 1018419 1019163 1019614 1019618 1020048 1021762 1022340 1022785 1023866 1024015 1025683 1026024 1026405 1026462 1026505 1026509 1026692 1026722 1027054 1027066 1027153 1027179 1027189 1027190 1027195 1027273 1027616 1028017 1028027 1028041 1028158 1028217 1028325 1028415 1028819 1028895 1029220 1029514 1029634 1029986 1030118 1030213 1031003 1031052 1031200 1031206 1031208 1031440 1031481 1031579 1031660 1031662 1031717 1031831 1032006 1032673 1032681 1033109 1033111 1033112 1033113 1033118 1033120 1033126 1033127 1033128 1033129 1033131 1038438 1042804 1042805 1050699 1050704 1050708 1050711 1050712 1050714 1056088 1056090 1056093 1056095 1056097 1056101 1056105 1162202 1162675 1174415 897662 899486 911662 934524 934525 934526 934527 934528 934529 951844 968697 969755 970083 976920 977572 977860 978056 980892 981634 982783 987899 988281 991173 998106 998516 CVE-2008-3522 CVE-2009-5044 CVE-2009-5080 CVE-2009-5081 CVE-2010-2522 CVE-2010-2523 CVE-2011-4516 CVE-2011-4517 CVE-2012-2737 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2014-3634 CVE-2014-7204 CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158 CVE-2014-9029 CVE-2014-9447 CVE-2014-9732 CVE-2015-2806 CVE-2015-3622 CVE-2015-4467 CVE-2015-4468 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472 CVE-2015-5203 CVE-2015-5221 CVE-2016-10200 CVE-2016-10251 CVE-2016-10371 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-2117 CVE-2016-4008 CVE-2016-7161 CVE-2016-7170 CVE-2016-7422 CVE-2016-7466 CVE-2016-7907 CVE-2016-7908 CVE-2016-7909 CVE-2016-7994 CVE-2016-7995 CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8654 CVE-2016-8667 CVE-2016-8668 CVE-2016-8669 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8880 CVE-2016-8881 CVE-2016-8882 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 CVE-2016-8886 CVE-2016-8887 CVE-2016-8909 CVE-2016-8910 CVE-2016-9101 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106 CVE-2016-9191 CVE-2016-9262 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9395 CVE-2016-9398 CVE-2016-9560 CVE-2016-9583 CVE-2016-9591 CVE-2016-9600 CVE-2017-1000050 CVE-2017-13738 CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13743 CVE-2017-13744 CVE-2017-2596 CVE-2017-2671 CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839 CVE-2017-5498 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-6850 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7374 CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 CVE-2017-9403 CVE-2017-9404 CVE-2018-9055 CVE-2019-18634 CVE-2020-15900 SUSE-SU-2015:0292-1 SUSE-SU-2016:0011-1 SUSE-SU-2016:2097-1 SUSE-SU-2016:2879-1 SUSE-SU-2017:1183-1 SUSE-SU-2017:2234-1 SUSE-SU-2017:2569-1 SUSE-SU-2017:2570-1 SUSE-SU-2020:0408-1 SUSE-SU-2020:2095-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.42.3-lp150.1 is installed OR librsvg-2-2-2.42.3-lp150.1 is installed OR rsvg-thumbnailer-2.42.3-lp150.1 is installed OR typelib-1_0-Rsvg-2_0-2.42.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information ImageMagick-6.4.3.6-7.26 is installed OR libMagick++1-6.4.3.6-7.26 is installed OR libMagickCore1-6.4.3.6-7.26 is installed OR libMagickCore1-32bit-6.4.3.6-7.26 is installed OR libMagickWand1-6.4.3.6-7.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-17.0.9esr-0.7 is installed OR MozillaFirefox-translations-17.0.9esr-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information bind-9.9.6P1-0.22 is installed OR bind-libs-9.9.6P1-0.22 is installed OR bind-libs-32bit-9.9.6P1-0.22 is installed OR bind-utils-9.9.6P1-0.22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libdw1-0.158-6 is installed OR libdw1-32bit-0.158-6 is installed OR libebl1-0.158-6 is installed OR libebl1-32bit-0.158-6 is installed OR libelf1-0.158-6 is installed OR libelf1-32bit-0.158-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information qemu-2.6.2-31 is installed OR qemu-block-curl-2.6.2-31 is installed OR qemu-ipxe-1.0.0-31 is installed OR qemu-kvm-2.6.2-31 is installed OR qemu-seabios-1.9.1-31 is installed OR qemu-sgabios-8-31 is installed OR qemu-tools-2.6.2-31 is installed OR qemu-vgabios-1.9.1-31 is installed OR qemu-x86-2.6.2-31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libtasn1-4.9-1 is installed OR libtasn1-6-4.9-1 is installed OR libtasn1-6-32bit-4.9-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-8-2 is installed OR kgraft-patch-3_12_67-60_64_24-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_11-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libhogweed2-2.7.1-9 is installed OR libhogweed2-32bit-2.7.1-9 is installed OR libnettle4-2.7.1-9 is installed OR libnettle4-32bit-2.7.1-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libIlmImf-Imf_2_1-21-2.1.0-4 is installed OR openexr-2.1.0-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.23 is installed OR openssh-askpass-gnome-7.2p2-74.23 is installed OR openssh-fips-7.2p2-74.23 is installed OR openssh-helpers-7.2p2-74.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libneon27-0.30.0-3 is installed OR libneon27-32bit-0.30.0-3 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information sudo-1.8.22-4.9 is installed OR sudo-devel-1.8.22-4.9 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information ghostscript-9.52-3.32 is installed OR ghostscript-devel-9.52-3.32 is installed OR ghostscript-x11-9.52-3.32 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-nova-12.0.2~a0~dev18-1 is installed OR openstack-nova-api-12.0.2~a0~dev18-1 is installed OR openstack-nova-cells-12.0.2~a0~dev18-1 is installed OR openstack-nova-cert-12.0.2~a0~dev18-1 is installed OR openstack-nova-compute-12.0.2~a0~dev18-1 is installed OR openstack-nova-conductor-12.0.2~a0~dev18-1 is installed OR openstack-nova-console-12.0.2~a0~dev18-1 is installed OR openstack-nova-consoleauth-12.0.2~a0~dev18-1 is installed OR openstack-nova-novncproxy-12.0.2~a0~dev18-1 is installed OR openstack-nova-objectstore-12.0.2~a0~dev18-1 is installed OR openstack-nova-scheduler-12.0.2~a0~dev18-1 is installed OR openstack-nova-serialproxy-12.0.2~a0~dev18-1 is installed OR openstack-nova-vncproxy-12.0.2~a0~dev18-1 is installed OR python-nova-12.0.2~a0~dev18-1 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND python-setuptools-18.0.1-4.8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openssh-7.2p2-74.42 is installed OR openssh-askpass-gnome-7.2p2-74.42 is installed OR openssh-fips-7.2p2-74.42 is installed OR openssh-helpers-7.2p2-74.42 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.6 is installed OR rubygem-actionview-4_2-4.2.9-9.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1566321308.1de18b9a4-3.7 is installed OR crowbar-core-branding-upstream-6.0+git.1566321308.1de18b9a4-3.7 is installed OR crowbar-ha-6.0+git.1566406179.7549de2-3.7 is installed OR crowbar-openstack-6.0+git.1566404979.41279a88e-3.7 is installed OR crowbar-ui-1.3.0+git.1563181545.65360af5-8 is installed OR openstack-ceilometer-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-central-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-polling-11.0.2~dev14-3.7 is installed OR openstack-cinder-13.0.7~dev3-3.7 is installed OR openstack-cinder-api-13.0.7~dev3-3.7 is installed OR openstack-cinder-backup-13.0.7~dev3-3.7 is installed OR openstack-cinder-scheduler-13.0.7~dev3-3.7 is installed OR openstack-cinder-volume-13.0.7~dev3-3.7 is installed OR openstack-designate-7.0.1~dev21-3.7 is installed OR openstack-designate-agent-7.0.1~dev21-3.7 is installed OR openstack-designate-api-7.0.1~dev21-3.7 is installed OR openstack-designate-central-7.0.1~dev21-3.7 is installed OR openstack-designate-producer-7.0.1~dev21-3.7 is installed OR openstack-designate-sink-7.0.1~dev21-3.7 is installed OR openstack-designate-worker-7.0.1~dev21-3.7 is installed OR openstack-heat-11.0.3~dev19-3.7 is installed OR openstack-heat-api-11.0.3~dev19-3.7 is installed OR openstack-heat-api-cfn-11.0.3~dev19-3.7 is installed OR openstack-heat-engine-11.0.3~dev19-3.7 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev19-3.7 is installed OR openstack-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR openstack-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR openstack-ironic-11.1.4~dev9-3.7 is installed OR openstack-ironic-api-11.1.4~dev9-3.7 is installed OR openstack-ironic-conductor-11.1.4~dev9-3.7 is installed OR openstack-ironic-python-agent-3.3.3~dev4-3.7 is installed OR openstack-keystone-14.1.1~dev8-3.7 is installed OR openstack-magnum-7.1.1~dev28-3.7 is installed OR openstack-magnum-api-7.1.1~dev28-3.7 is installed OR openstack-magnum-conductor-7.1.1~dev28-3.7 is installed OR openstack-manila-7.3.1~dev3-4.7 is installed OR openstack-manila-api-7.3.1~dev3-4.7 is installed OR openstack-manila-data-7.3.1~dev3-4.7 is installed OR openstack-manila-scheduler-7.3.1~dev3-4.7 is installed OR openstack-manila-share-7.3.1~dev3-4.7 is installed OR openstack-monasca-notification-1.14.2~dev1-6.7 is installed OR openstack-monasca-persister-1.12.1~dev9-9 is installed OR openstack-monasca-persister-java-1.12.1~dev9-9 is installed OR openstack-neutron-13.0.5~dev22-3.7 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-gbp-5.0.1~dev459-3.7 is installed OR openstack-neutron-ha-tool-13.0.5~dev22-3.7 is installed OR openstack-neutron-l3-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-lbaas-13.0.1~dev14-3.7 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev14-3.7 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metadata-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metering-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-server-13.0.5~dev22-3.7 is installed OR openstack-nova-18.2.2~dev9-3.7 is installed OR openstack-nova-api-18.2.2~dev9-3.7 is installed OR openstack-nova-cells-18.2.2~dev9-3.7 is installed OR openstack-nova-compute-18.2.2~dev9-3.7 is installed OR openstack-nova-conductor-18.2.2~dev9-3.7 is installed OR openstack-nova-console-18.2.2~dev9-3.7 is installed OR openstack-nova-novncproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-placement-api-18.2.2~dev9-3.7 is installed OR openstack-nova-scheduler-18.2.2~dev9-3.7 is installed OR openstack-nova-serialproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-vncproxy-18.2.2~dev9-3.7 is installed OR openstack-octavia-3.1.2~dev8-3.7 is installed OR openstack-octavia-amphora-agent-3.1.2~dev8-3.7 is installed OR openstack-octavia-api-3.1.2~dev8-3.7 is installed OR openstack-octavia-health-manager-3.1.2~dev8-3.7 is installed OR openstack-octavia-housekeeping-3.1.2~dev8-3.7 is installed OR openstack-octavia-worker-3.1.2~dev8-3.7 is installed OR openstack-tempest-19.0.0-12 is installed OR openstack-tempest-test-19.0.0-12 is installed OR python-ceilometer-11.0.2~dev14-3.7 is installed OR python-cinder-13.0.7~dev3-3.7 is installed OR python-cinder-tempest-plugin-0.1.0-8 is installed OR python-designate-7.0.1~dev21-3.7 is installed OR python-heat-11.0.3~dev19-3.7 is installed OR python-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR python-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR python-ironic-11.1.4~dev9-3.7 is installed OR python-ironicclient-2.5.3-4.7 is installed OR python-ironicclient-doc-2.5.3-4.7 is installed OR python-keystone-14.1.1~dev8-3.7 is installed OR python-keystonemiddleware-5.2.0-8 is installed OR python-magnum-7.1.1~dev28-3.7 is installed OR python-manila-7.3.1~dev3-4.7 is installed OR python-monasca-notification-1.14.2~dev1-6.7 is installed OR python-monasca-persister-1.12.1~dev9-9 is installed OR python-monasca-tempest-plugin-0.3.0-8 is installed OR python-neutron-13.0.5~dev22-3.7 is installed OR python-neutron-gbp-5.0.1~dev459-3.7 is installed OR python-neutron-lbaas-13.0.1~dev14-3.7 is installed OR python-nova-18.2.2~dev9-3.7 is installed OR python-octavia-3.1.2~dev8-3.7 is installed OR python-openstackclient-3.16.2-8 is installed OR python-openstacksdk-0.17.3-8 is installed OR python-proliantutils-2.8.4-8 is installed OR python-tempest-19.0.0-12 is installed OR python-vmware-nsx-13.0.1~dev146-9 is installed OR python-vmware-nsxlib-13.0.1~dev24-8 is installed OR yast2-crowbar-3.4.2-8 is installed
BACK