Security update for sudo
This update for sudo fixes the following issues:
CVE-2017-1000367:
- Due to incorrect assumptions in /proc/[pid]/stat parsing,
a local attacker can pretend that his tty is any file on the filesystem,
thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361]
- Fix FQDN for hostname. [bsc#1024145]
- Filter netgroups, they aren't handled by SSSD. [bsc#1015351]
- Fix problems related to "krb5_ccname" option [bsc#981124]
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Kristyna Streitova (kstreitova)
Fixed bugs
bnc#1015351
sudo is not able to resolve sudo for users when using LDAP - fixed upstream
bnc#1024145
Sudoers fqdn not working as expected in SLES12SP2 compared to SLES11SP4
bnc#1039361
EMU: VUL-0: EMBARGOED: CVE-2017-1000367: sudo: path traversal race conditions
bnc#981124
sudo krb5_ccname does not work
