Oval Definition:oval:org.opensuse.security:def:57043
Revision Date:2021-01-26Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239] - A Possible Symlink Attack vector existed in `sudoedit` if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240] - It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]
Family:unixClass:patch
Status:Reference(s):1005480
1005886
1005893
1006221
1013533
1013604
1015348
1016366
1016369
1021814
1021817
1021818
1021819
1021820
1021821
1021822
1021823
1021824
1021991
1022555
1026636
1027519
1027570
1028235
1028655
1029827
1030144
1030442
1034843
1034844
1034845
1034994
1035483
1045327
1048942
1051510
1055825
1056058
1057950
1065363
1066242
1070162
1073703
1078248
1079730
1081518
1082635
1083093
1089644
1091041
1093898
1096759
1098369
1098403
1098998
1103383
1108043
1111025
1112039
1113722
1114279
1117169
1127077
1128481
1131107
1134880
1135902
1136528
1136570
1136777
1138039
1139926
1140402
1140948
1141043
1143706
1143794
1144333
1144902
1149448
1150466
1151548
1151900
1152782
1153628
1153681
1153811
1154043
1154058
1154124
1154355
1154526
1154956
1155021
1155689
1155692
1155836
1155897
1155921
1155982
1156187
1156258
1156429
1156466
1156471
1156494
1156609
1156700
1156729
1156882
1157038
1157042
1157070
1157143
1157145
1157158
1157162
1157171
1157173
1157178
1157180
1157182
1157183
1157184
1157191
1157193
1157197
1157298
1157307
1157324
1157333
1157424
1157463
1157499
1157678
1157698
1157778
1157908
1158049
1158063
1158064
1158065
1158066
1158067
1158068
1158082
1180684
1180685
1180687
1181090
CVE-2014-1932
CVE-2015-4047
CVE-2016-10009
CVE-2016-10011
CVE-2016-10165
CVE-2016-8611
CVE-2016-8858
CVE-2016-9576
CVE-2016-9603
CVE-2016-9794
CVE-2016-9841
CVE-2017-1000251
CVE-2017-10281
CVE-2017-10285
CVE-2017-10293
CVE-2017-10295
CVE-2017-10345
CVE-2017-10346
CVE-2017-10347
CVE-2017-10348
CVE-2017-10349
CVE-2017-10350
CVE-2017-10355
CVE-2017-10356
CVE-2017-10357
CVE-2017-10388
CVE-2017-15274
CVE-2017-2633
CVE-2017-3735
CVE-2017-3736
CVE-2017-5373
CVE-2017-5375
CVE-2017-5376
CVE-2017-5378
CVE-2017-5380
CVE-2017-5383
CVE-2017-5386
CVE-2017-5390
CVE-2017-5396
CVE-2017-6414
CVE-2017-6505
CVE-2017-7718
CVE-2017-7980
CVE-2018-12359
CVE-2018-12360
CVE-2018-12362
CVE-2018-12363
CVE-2018-12364
CVE-2018-12365
CVE-2018-12366
CVE-2018-12368
CVE-2018-18386
CVE-2018-3760
CVE-2018-5156
CVE-2018-5188
CVE-2019-10218
CVE-2019-12155
CVE-2019-13164
CVE-2019-14378
CVE-2019-14895
CVE-2019-15916
CVE-2019-16231
CVE-2019-17055
CVE-2019-18660
CVE-2019-18683
CVE-2019-18805
CVE-2019-18809
CVE-2019-19049
CVE-2019-19052
CVE-2019-19056
CVE-2019-19057
CVE-2019-19058
CVE-2019-19060
CVE-2019-19062
CVE-2019-19063
CVE-2019-19065
CVE-2019-19067
CVE-2019-19068
CVE-2019-19073
CVE-2019-19074
CVE-2019-19075
CVE-2019-19077
CVE-2019-19227
CVE-2019-3860
CVE-2021-23239
CVE-2021-23240
CVE-2021-3156
SUSE-SU-2016:3146-1
SUSE-SU-2017:0427-1
SUSE-SU-2017:0607-2
SUSE-SU-2017:1147-1
SUSE-SU-2017:2785-1
SUSE-SU-2017:3169-1
SUSE-SU-2017:3455-1
SUSE-SU-2018:2322-1
SUSE-SU-2018:2603-1
SUSE-SU-2019:1606-1
SUSE-SU-2019:2353-1
SUSE-SU-2019:2875-1
SUSE-SU-2019:3371-1
SUSE-SU-2021:0226-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libusbmuxd4-1.0.10-lp150.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • dovecot23-2.3.3-lp151.2.6 is installed
  • OR dovecot23-backend-mysql-2.3.3-lp151.2.6 is installed
  • OR dovecot23-backend-pgsql-2.3.3-lp151.2.6 is installed
  • OR dovecot23-backend-sqlite-2.3.3-lp151.2.6 is installed
  • OR dovecot23-devel-2.3.3-lp151.2.6 is installed
  • OR dovecot23-fts-2.3.3-lp151.2.6 is installed
  • OR dovecot23-fts-lucene-2.3.3-lp151.2.6 is installed
  • OR dovecot23-fts-solr-2.3.3-lp151.2.6 is installed
  • OR dovecot23-fts-squat-2.3.3-lp151.2.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • qemu-2.11.2-5.18 is installed
  • OR qemu-block-curl-2.11.2-5.18 is installed
  • OR qemu-ipxe-1.0.0+-5.18 is installed
  • OR qemu-kvm-2.11.2-5.18 is installed
  • OR qemu-seabios-1.11.0-5.18 is installed
  • OR qemu-sgabios-8-5.18 is installed
  • OR qemu-tools-2.11.2-5.18 is installed
  • OR qemu-vgabios-1.11.0-5.18 is installed
  • OR qemu-x86-2.11.2-5.18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • openssh-6.6p1-54.7 is installed
  • OR openssh-askpass-gnome-6.6p1-54.7 is installed
  • OR openssh-fips-6.6p1-54.7 is installed
  • OR openssh-helpers-6.6p1-54.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_62-60_64_8-default-12-4 is installed
  • OR kgraft-patch-3_12_62-60_64_8-xen-12-4 is installed
  • OR kgraft-patch-SLE12-SP1_Update_8-12-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ipsec-tools-0.8.0-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libwireshark9-2.4.9-48.29 is installed
  • OR libwiretap7-2.4.9-48.29 is installed
  • OR libwscodecs1-2.4.9-48.29 is installed
  • OR libwsutil8-2.4.9-48.29 is installed
  • OR wireshark-2.4.9-48.29 is installed
  • OR wireshark-gtk-2.4.9-48.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND chrony-2.3-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND log4j-1.2.15-126.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND sudo-1.8.20p2-3.20.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.16 is installed
  • OR python3-3.4.6-25.16 is installed
  • OR python3-base-3.4.6-25.16 is installed
  • OR python3-curses-3.4.6-25.16 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.16 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.16 is installed
  • OR python-2.7.13-28.16 is installed
  • OR python-32bit-2.7.13-28.16 is installed
  • OR python-base-2.7.13-28.16 is installed
  • OR python-base-32bit-2.7.13-28.16 is installed
  • OR python-curses-2.7.13-28.16 is installed
  • OR python-demo-2.7.13-28.16 is installed
  • OR python-doc-2.7.13-28.16 is installed
  • OR python-doc-pdf-2.7.13-28.16 is installed
  • OR python-gdbm-2.7.13-28.16 is installed
  • OR python-idle-2.7.13-28.16 is installed
  • OR python-tk-2.7.13-28.16 is installed
  • OR python-xml-2.7.13-28.16 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • crowbar-4.0+git.1528801103.f5708341-7.20 is installed
  • OR crowbar-core-4.0+git.1534246408.3ab19c567-9.33 is installed
  • OR crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33 is installed
  • OR crowbar-devel-4.0+git.1528801103.f5708341-7.20 is installed
  • OR crowbar-ha-4.0+git.1533750802.5768e73-4.34 is installed
  • OR crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39 is installed
  • OR crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
  • BACK