Oval Definition:oval:org.opensuse.security:def:59507
Revision Date:2021-01-26Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239] - A Possible Symlink Attack vector existed in `sudoedit` if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240] - It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]
Family:unixClass:patch
Status:Reference(s):1009966
1046856
1061599
1063269
1070727
1091396
1105010
1107116
1107121
1120644
1122191
1124937
1137001
1141780
1141782
1141783
1141785
1141789
1147021
1156323
1156324
1156326
1156328
1156329
1162687
1162689
1162691
1168404
1168407
1169066
1173274
1174415
1174628
1180684
1180685
1180687
1181090
910252
910253
913650
913651
917152
964336
996511
CVE-2009-0696
CVE-2009-4022
CVE-2010-3613
CVE-2010-3614
CVE-2010-3615
CVE-2011-0414
CVE-2011-1521
CVE-2011-1907
CVE-2011-1910
CVE-2011-2199
CVE-2011-2464
CVE-2011-3389
CVE-2011-4313
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2012-1667
CVE-2012-3817
CVE-2012-3868
CVE-2012-4244
CVE-2012-5166
CVE-2012-5688
CVE-2012-5689
CVE-2013-1752
CVE-2013-1753
CVE-2013-2266
CVE-2013-4238
CVE-2013-4854
CVE-2014-0591
CVE-2014-1912
CVE-2014-4650
CVE-2014-7185
CVE-2014-8116
CVE-2014-8117
CVE-2014-8500
CVE-2014-9620
CVE-2014-9621
CVE-2014-9653
CVE-2015-1349
CVE-2015-4620
CVE-2015-5477
CVE-2015-5722
CVE-2015-8000
CVE-2015-8704
CVE-2016-0772
CVE-2016-1000110
CVE-2016-1285
CVE-2016-1286
CVE-2016-2775
CVE-2016-2776
CVE-2016-5636
CVE-2016-5699
CVE-2016-6170
CVE-2016-8864
CVE-2016-9131
CVE-2016-9147
CVE-2016-9444
CVE-2017-1000083
CVE-2017-17083
CVE-2017-17084
CVE-2017-17085
CVE-2017-3135
CVE-2017-3136
CVE-2017-3137
CVE-2017-3138
CVE-2017-3142
CVE-2017-3143
CVE-2018-15473
CVE-2018-16428
CVE-2018-16429
CVE-2018-20406
CVE-2019-11771
CVE-2019-11775
CVE-2019-12450
CVE-2019-12523
CVE-2019-12526
CVE-2019-12528
CVE-2019-18676
CVE-2019-18677
CVE-2019-18678
CVE-2019-18679
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2816
CVE-2019-4473
CVE-2019-5010
CVE-2019-6212
CVE-2019-6215
CVE-2019-6216
CVE-2019-6217
CVE-2019-6226
CVE-2019-6227
CVE-2019-6229
CVE-2019-6233
CVE-2019-6234
CVE-2019-7317
CVE-2020-14344
CVE-2020-14422
CVE-2020-15900
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
CVE-2020-8449
CVE-2020-8450
CVE-2020-8517
CVE-2021-23239
CVE-2021-23240
CVE-2021-3156
SUSE-SU-2017:3048-1
SUSE-SU-2017:3428-1
SUSE-SU-2017:3436-1
SUSE-SU-2019:0511-1
SUSE-SU-2019:1722-1
SUSE-SU-2019:2336-1
SUSE-SU-2020:0661-1
SUSE-SU-2020:1272-1
SUSE-SU-2020:2097-1
SUSE-SU-2020:2117-1
SUSE-SU-2020:2157-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libcdio16-0.94-lp150.4 is installed
  • OR libiso9660-10-0.94-lp150.4 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND teeworlds-0.7.3.1-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • glib2-2.48.2-12.12 is installed
  • OR glib2-lang-2.48.2-12.12 is installed
  • OR glib2-tools-2.48.2-12.12 is installed
  • OR libgio-2_0-0-2.48.2-12.12 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.12 is installed
  • OR libglib-2_0-0-2.48.2-12.12 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.12 is installed
  • OR libgmodule-2_0-0-2.48.2-12.12 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.12 is installed
  • OR libgobject-2_0-0-2.48.2-12.12 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.12 is installed
  • OR libgthread-2_0-0-2.48.2-12.12 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • openssh-7.2p2-74.30 is installed
  • OR openssh-askpass-gnome-7.2p2-74.30 is installed
  • OR openssh-fips-7.2p2-74.30 is installed
  • OR openssh-helpers-7.2p2-74.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bind-9.9.9P1-62 is installed
  • OR bind-chrootenv-9.9.9P1-62 is installed
  • OR bind-doc-9.9.9P1-62 is installed
  • OR bind-libs-9.9.9P1-62 is installed
  • OR bind-libs-32bit-9.9.9P1-62 is installed
  • OR bind-utils-9.9.9P1-62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND permissions-2015.09.28.1626-17.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.113 is installed
  • OR kernel-default-base-4.4.180-94.113 is installed
  • OR kernel-default-devel-4.4.180-94.113 is installed
  • OR kernel-default-kgraft-4.4.180-94.113 is installed
  • OR kernel-default-man-4.4.180-94.113 is installed
  • OR kernel-devel-4.4.180-94.113 is installed
  • OR kernel-macros-4.4.180-94.113 is installed
  • OR kernel-source-4.4.180-94.113 is installed
  • OR kernel-syms-4.4.180-94.113 is installed
  • OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed
  • OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpolkit0-0.113-5.12 is installed
  • OR polkit-0.113-5.12 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND sudo-1.8.20p2-3.20.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ghostscript-9.52-23.39 is installed
  • OR ghostscript-x11-9.52-23.39 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-ipaddress-1.0.18-3.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • grub2-2.02-12.39 is installed
  • OR grub2-i386-pc-2.02-12.39 is installed
  • OR grub2-snapper-plugin-2.02-12.39 is installed
  • OR grub2-systemd-sleep-plugin-2.02-12.39 is installed
  • OR grub2-x86_64-efi-2.02-12.39 is installed
  • OR grub2-x86_64-xen-2.02-12.39 is installed
    • BACK