Oval Definition:oval:org.opensuse.security:def:55833
Revision Date:2021-01-27Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239]
Family:unixClass:patch
Status:Reference(s):1001600
1035442
1050241
1061081
1064715
1064716
1068032
1070158
1070159
1070160
1070163
1074562
1076116
1076180
1076390
1080635
1080662
1082810
1083125
1085447
1090368
1090646
1106222
1110910
1111006
1111010
1111013
1114422
1140120
1165471
1180684
1181090
807449
860611
901242
901748
916835
929900
930721
933336
942317
944066
950944
954200
954201
955131
956988
961721
961964
962736
962737
962738
962739
967026
974655
980722
981670
984684
987895
988651
989721
989722
989723
989725
989726
989727
989728
989729
989730
989731
989732
989733
989734
994989
CVE-2009-1273
CVE-2013-1769
CVE-2013-4245
CVE-2014-3566
CVE-2014-4288
CVE-2014-6456
CVE-2014-6457
CVE-2014-6458
CVE-2014-6466
CVE-2014-6468
CVE-2014-6476
CVE-2014-6485
CVE-2014-6492
CVE-2014-6493
CVE-2014-6502
CVE-2014-6503
CVE-2014-6504
CVE-2014-6506
CVE-2014-6511
CVE-2014-6512
CVE-2014-6513
CVE-2014-6515
CVE-2014-6517
CVE-2014-6519
CVE-2014-6527
CVE-2014-6531
CVE-2014-6532
CVE-2014-6558
CVE-2014-6562
CVE-2014-9761
CVE-2015-5722
CVE-2015-7547
CVE-2015-8076
CVE-2015-8077
CVE-2015-8078
CVE-2015-8776
CVE-2015-8777
CVE-2015-8778
CVE-2015-8779
CVE-2016-0787
CVE-2016-3458
CVE-2016-3485
CVE-2016-3498
CVE-2016-3500
CVE-2016-3503
CVE-2016-3508
CVE-2016-3511
CVE-2016-3550
CVE-2016-3552
CVE-2016-3587
CVE-2016-3598
CVE-2016-3606
CVE-2016-3610
CVE-2016-4912
CVE-2016-7567
CVE-2017-13089
CVE-2017-13090
CVE-2017-13166
CVE-2017-15595
CVE-2017-17563
CVE-2017-17564
CVE-2017-17565
CVE-2017-17566
CVE-2017-18030
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2017-7890
CVE-2018-10839
CVE-2018-14553
CVE-2018-15746
CVE-2018-17958
CVE-2018-17962
CVE-2018-17963
CVE-2018-18849
CVE-2018-2579
CVE-2018-2582
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2638
CVE-2018-2639
CVE-2018-2641
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678
CVE-2018-5683
CVE-2018-8781
CVE-2018-8897
CVE-2019-11038
CVE-2021-23239
CVE-2021-3156
SUSE-SU-2015:0336-1
SUSE-SU-2015:1480-1
SUSE-SU-2015:2172-1
SUSE-SU-2016:0472-1
SUSE-SU-2016:0718-1
SUSE-SU-2016:1457-1
SUSE-SU-2016:2012-1
SUSE-SU-2016:2661-1
SUSE-SU-2017:2871-2
SUSE-SU-2018:0609-1
SUSE-SU-2018:0665-1
SUSE-SU-2018:1537-1
SUSE-SU-2018:3973-1
SUSE-SU-2020:0623-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bzip2-1.0.6-lp150.3 is installed
  • OR libbz2-1-1.0.6-lp150.3 is installed
  • OR libbz2-1-32bit-1.0.6-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libBasicUsageEnvironment1-2019.06.28-lp151.2.3 is installed
  • OR libUsageEnvironment3-2019.06.28-lp151.2.3 is installed
  • OR libgroupsock8-2019.06.28-lp151.2.3 is installed
  • OR libliveMedia66-2019.06.28-lp151.2.3 is installed
  • OR live555-2019.06.28-lp151.2.3 is installed
  • OR live555-devel-2019.06.28-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND telepathy-gabble-0.7.10-2.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.15 is installed
  • OR bind-libs-9.9.6P1-0.15 is installed
  • OR bind-libs-32bit-9.9.6P1-0.15 is installed
  • OR bind-utils-9.9.6P1-0.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • glibc-2.11.3-17.95 is installed
  • OR glibc-32bit-2.11.3-17.95 is installed
  • OR glibc-devel-2.11.3-17.95 is installed
  • OR glibc-devel-32bit-2.11.3-17.95 is installed
  • OR glibc-i18ndata-2.11.3-17.95 is installed
  • OR glibc-locale-2.11.3-17.95 is installed
  • OR glibc-locale-32bit-2.11.3-17.95 is installed
  • OR nscd-2.11.3-17.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • openslp-2.0.0-17 is installed
  • OR openslp-32bit-2.0.0-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gd-2.1.0-24.17 is installed
  • OR gd-32bit-2.1.0-24.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • pam_ssh-2.0-1 is installed
  • OR pam_ssh-32bit-2.0-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_66-default-5-2 is installed
  • OR kgraft-patch-3_12_74-60_64_66-xen-5-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND sudo-1.8.10p3-10.29.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • openslp-2.0.0-18.15 is installed
  • OR openslp-32bit-2.0.0-18.15 is installed
  • OR openslp-server-2.0.0-18.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • glibc-2.22-61 is installed
  • OR glibc-32bit-2.22-61 is installed
  • OR glibc-devel-2.22-61 is installed
  • OR glibc-devel-32bit-2.22-61 is installed
  • OR glibc-html-2.22-61 is installed
  • OR glibc-i18ndata-2.22-61 is installed
  • OR glibc-info-2.22-61 is installed
  • OR glibc-locale-2.22-61 is installed
  • OR glibc-locale-32bit-2.22-61 is installed
  • OR glibc-profile-2.22-61 is installed
  • OR glibc-profile-32bit-2.22-61 is installed
  • OR nscd-2.22-61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.58 is installed
  • OR libgcrypt20-1.6.1-16.58 is installed
  • OR libgcrypt20-32bit-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND ipsec-tools-0.8.0-19.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND wget-1.14-21.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • kernel-default-4.4.121-92.73 is installed
  • OR kernel-default-base-4.4.121-92.73 is installed
  • OR kernel-default-devel-4.4.121-92.73 is installed
  • OR kernel-default-man-4.4.121-92.73 is installed
  • OR kernel-devel-4.4.121-92.73 is installed
  • OR kernel-macros-4.4.121-92.73 is installed
  • OR kernel-source-4.4.121-92.73 is installed
  • OR kernel-syms-4.4.121-92.73 is installed
  • OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • pam_radius-1.3.16-239.4 is installed
  • OR pam_radius-32bit-1.3.16-239.4 is installed
    • BACK