Oval Definition:	oval:org.opensuse.security:def:5558
Revision Date: 2020-12-02 Version: 1 Title: Security update for sudo (Important) Description: This update for sudo fixes the following issues: Security issue fixed: - CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers (bsc#1162202). Non-security issue fixed: - Fixed an issue where sudo -l would ask for a password even though `listpw` was set to `never` (bsc#1162675). Family: unix Class: patch Status: Reference(s): 1112020 1162202 1162675 CVE-2008-5984 CVE-2009-1210 CVE-2009-1267 CVE-2009-1268 CVE-2009-1269 CVE-2009-3241 CVE-2009-3242 CVE-2009-3243 CVE-2010-0624 CVE-2010-1205 CVE-2010-1455 CVE-2010-2522 CVE-2010-2523 CVE-2010-2993 CVE-2010-3445 CVE-2010-4300 CVE-2010-4301 CVE-2010-4538 CVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543 CVE-2011-0024 CVE-2011-0461 CVE-2011-0538 CVE-2011-0713 CVE-2011-1138 CVE-2011-1139 CVE-2011-1140 CVE-2011-1143 CVE-2011-1590 CVE-2011-1591 CVE-2011-1592 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-2501 CVE-2011-2597 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-2698 CVE-2011-2709 CVE-2011-2895 CVE-2011-2895 CVE-2011-2896 CVE-2011-3026 CVE-2011-3048 CVE-2011-3266 CVE-2011-3328 CVE-2011-3360 CVE-2011-3464 CVE-2011-3483 CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3236 CVE-2012-3386 CVE-2012-3548 CVE-2012-4024 CVE-2012-4025 CVE-2012-4048 CVE-2012-4049 CVE-2012-4285 CVE-2012-4286 CVE-2012-4287 CVE-2012-4288 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4294 CVE-2012-4295 CVE-2012-4296 CVE-2012-4297 CVE-2012-4298 CVE-2012-5237 CVE-2012-5238 CVE-2012-5239 CVE-2012-5240 CVE-2012-5576 CVE-2012-5592 CVE-2012-5593 CVE-2012-5594 CVE-2012-5595 CVE-2012-5596 CVE-2012-5597 CVE-2012-5598 CVE-2012-5599 CVE-2012-5600 CVE-2012-5601 CVE-2012-5602 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 CVE-2013-1582 CVE-2013-1583 CVE-2013-1584 CVE-2013-1585 CVE-2013-1586 CVE-2013-1587 CVE-2013-1588 CVE-2013-1589 CVE-2013-1590 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4083 CVE-2013-4920 CVE-2013-4921 CVE-2013-4922 CVE-2013-4923 CVE-2013-4924 CVE-2013-4925 CVE-2013-4926 CVE-2013-4927 CVE-2013-4928 CVE-2013-4929 CVE-2013-4930 CVE-2013-4931 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 CVE-2013-4936 CVE-2013-5717 CVE-2013-5718 CVE-2013-5719 CVE-2013-5720 CVE-2013-5721 CVE-2013-5722 CVE-2013-6336 CVE-2013-6337 CVE-2013-6338 CVE-2013-6339 CVE-2013-6340 CVE-2013-7112 CVE-2013-7113 CVE-2013-7114 CVE-2014-0107 CVE-2014-2281 CVE-2014-2282 CVE-2014-2283 CVE-2014-2299 CVE-2014-2892 CVE-2014-2907 CVE-2014-4020 CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 CVE-2015-0559 CVE-2015-0560 CVE-2015-0561 CVE-2015-0562 CVE-2015-0563 CVE-2015-0564 CVE-2015-2188 CVE-2015-2189 CVE-2015-2191 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-8126 CVE-2016-4994 CVE-2018-14665 CVE-2019-18634 SUSE-SU-2018:3680-1 SUSE-SU-2020:0408-1 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.91-0.14.2 is installed OR java-1_7_0-openjdk-demo-1.7.0.91-0.14.2 is installed OR java-1_7_0-openjdk-devel-1.7.0.91-0.14.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information tar-1.27.1-4 is installed OR tar-lang-1.27.1-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bash-4.3-82 is installed OR bash-doc-4.3-82 is installed OR bash-lang-4.3-82 is installed OR libreadline6-6.3-82 is installed OR libreadline6-32bit-6.3-82 is installed OR readline-doc-6.3-82 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information evince-3.10.3-2.3.1 is installed OR evince-lang-3.10.3-2.3.1 is installed OR libevdocument3-4-3.10.3-2.3.1 is installed OR libevview3-3-3.10.3-2.3.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information cluster-md-kmp-default-4.12.14-94.41 is installed OR dlm-kmp-default-4.12.14-94.41 is installed OR gfs2-kmp-default-4.12.14-94.41 is installed OR ocfs2-kmp-default-4.12.14-94.41 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information ecryptfs-utils-103-8.3 is installed OR ecryptfs-utils-32bit-103-8.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.6.2-31 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.35-43 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.35-43 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.35-43 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.35-43 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.48-52.27 is installed OR kernel-ec2-devel-3.12.48-52.27 is installed OR kernel-ec2-extra-3.12.48-52.27 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-7.1 is installed OR php5-5.5.14-7.1 is installed OR php5-bcmath-5.5.14-7.1 is installed OR php5-bz2-5.5.14-7.1 is installed OR php5-calendar-5.5.14-7.1 is installed OR php5-ctype-5.5.14-7.1 is installed OR php5-curl-5.5.14-7.1 is installed OR php5-dba-5.5.14-7.1 is installed OR php5-dom-5.5.14-7.1 is installed OR php5-enchant-5.5.14-7.1 is installed OR php5-exif-5.5.14-7.1 is installed OR php5-fastcgi-5.5.14-7.1 is installed OR php5-fileinfo-5.5.14-7.1 is installed OR php5-fpm-5.5.14-7.1 is installed OR php5-ftp-5.5.14-7.1 is installed OR php5-gd-5.5.14-7.1 is installed OR php5-gettext-5.5.14-7.1 is installed OR php5-gmp-5.5.14-7.1 is installed OR php5-iconv-5.5.14-7.1 is installed OR php5-intl-5.5.14-7.1 is installed OR php5-json-5.5.14-7.1 is installed OR php5-ldap-5.5.14-7.1 is installed OR php5-mbstring-5.5.14-7.1 is installed OR php5-mcrypt-5.5.14-7.1 is installed OR php5-mysql-5.5.14-7.1 is installed OR php5-odbc-5.5.14-7.1 is installed OR php5-openssl-5.5.14-7.1 is installed OR php5-pcntl-5.5.14-7.1 is installed OR php5-pdo-5.5.14-7.1 is installed OR php5-pear-5.5.14-7.1 is installed OR php5-pgsql-5.5.14-7.1 is installed OR php5-pspell-5.5.14-7.1 is installed OR php5-shmop-5.5.14-7.1 is installed OR php5-snmp-5.5.14-7.1 is installed OR php5-soap-5.5.14-7.1 is installed OR php5-sockets-5.5.14-7.1 is installed OR php5-sqlite-5.5.14-7.1 is installed OR php5-suhosin-5.5.14-7.1 is installed OR php5-sysvmsg-5.5.14-7.1 is installed OR php5-sysvsem-5.5.14-7.1 is installed OR php5-sysvshm-5.5.14-7.1 is installed OR php5-tokenizer-5.5.14-7.1 is installed OR php5-wddx-5.5.14-7.1 is installed OR php5-xmlreader-5.5.14-7.1 is installed OR php5-xmlrpc-5.5.14-7.1 is installed OR php5-xmlwriter-5.5.14-7.1 is installed OR php5-xsl-5.5.14-7.1 is installed OR php5-zip-5.5.14-7.1 is installed OR php5-zlib-5.5.14-7.1 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.69-60.30.1 is installed OR kernel-compute-base-3.12.69-60.30.1 is installed OR kernel-compute-devel-3.12.69-60.30.1 is installed OR kernel-compute_debug-3.12.69-60.30.1 is installed OR kernel-compute_debug-devel-3.12.69-60.30.1 is installed OR kernel-devel-rt-3.12.69-60.30.1 is installed OR kernel-rt-3.12.69-60.30.1 is installed OR kernel-rt-base-3.12.69-60.30.1 is installed OR kernel-rt-devel-3.12.69-60.30.1 is installed OR kernel-rt_debug-3.12.69-60.30.1 is installed OR kernel-rt_debug-devel-3.12.69-60.30.1 is installed OR kernel-source-rt-3.12.69-60.30.1 is installed OR kernel-syms-rt-3.12.69-60.30.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS is installed AND spacewalk-backend-libs-1.2.74-0.22.2 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information xorg-x11-libxcb-7.4-1.22.5.15 is installed OR xorg-x11-libxcb-32bit-7.4-1.22.5.15 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND freetype2-2.3.7-25.32.1 is installed OR freetype2-32bit-2.3.7-25.32.1 is installed OR freetype2-x86-2.3.7-25.32.1 is installed OR ft2demos-2.3.7-25.32.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND freetype2-2.3.7-25.32.1 is installed OR freetype2-32bit-2.3.7-25.32.1 is installed OR freetype2-x86-2.3.7-25.32.1 is installed OR ft2demos-2.3.7-25.32.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND amavisd-new-2.7.0-18.7.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND apache2-mod_security2-2.7.1-0.2.12.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND update-alternatives-1.18.4-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2.2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_8-5-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND wget-1.14-21.3 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information sudo-1.8.22-4.9 is installed OR sudo-devel-1.8.22-4.9 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information GraphicsMagick-1.2.5-4.33.1 is installed OR libGraphicsMagick2-1.2.5-4.33.1 is installed OR perl-GraphicsMagick-1.2.5-4.33.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libopenssl-devel-0.9.8j-0.70.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND bind-devel-9.9.5P1-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND ctdb-devel-2.5.5-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information dia-0.97.2-13 is installed OR dia-lang-0.97.2-13 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND libpolkit0-32bit-0.113-4 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information colord-1.3.3-10 is installed OR colord-lang-1.3.3-10 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND bogofilter-1.2.4-5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information xorg-x11-server-1.19.6-8.3 is installed OR xorg-x11-server-wayland-1.19.6-8.3 is installed
BACK